diff options
| author | Sytse Sijbrandij <sytses@gmail.com> | 2014-10-03 14:12:23 +0400 |
|---|---|---|
| committer | Sytse Sijbrandij <sytses@gmail.com> | 2014-10-03 14:12:23 +0400 |
| commit | 0cc30145f441a16ce513bba942ea67ede4086a7f (patch) | |
| tree | a94ddfc7ce9c8230c8f823a36a52cefba7e4437c /lib/support | |
| parent | f74dba8c42ba5466945085bca137cc3a3a39ee87 (diff) | |
| parent | 765eabeacccbc199bb2a762dffdb7abde6adb246 (diff) | |
Merge pull request #7664 from bbodenmiller/patch-2
add HSTS Policy warning
Diffstat (limited to 'lib/support')
| -rw-r--r-- | lib/support/nginx/gitlab-ssl | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/support/nginx/gitlab-ssl b/lib/support/nginx/gitlab-ssl index 19409e41f40..5f1afe6575c 100644 --- a/lib/support/nginx/gitlab-ssl +++ b/lib/support/nginx/gitlab-ssl @@ -72,6 +72,8 @@ server { ssl_prefer_server_ciphers on; + ## [WARNING] The following header states that the browser should only communicate + ## with your server over a secure connection for the next 24 months. add_header Strict-Transport-Security max-age=63072000; add_header X-Frame-Options SAMEORIGIN; add_header X-Content-Type-Options nosniff; |