public-offering
/
pad.pub0.org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1619 from ether/stricter-transport 

Enable HSTS on TLS connections
pull/2184/head
John McLear 2014-06-17 12:58:47 +01:00
parent 6dd66c6a16 897f5189b0
commit c627608ea5
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/node/hooks/express.js
View File

@ -71,6 +71,11 @@ exports.restartServer = function () {
} }
app.use(function (req, res, next) { app.use(function (req, res, next) {
// res.header("X-Frame-Options", "deny"); // breaks embedded pads
if(settings.ssl){ // if we use SSL
res.header("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
}
res.header("Server", serverName); res.header("Server", serverName);
next(); next();
}); });