Mercurial > repos > other > Puppet
view modules/website/templates/https_core_conf.erb @ 173:c72d2b5f9be2 puppet-3.6
Try to fix NextCloud warnings about "wrong" headers
The problem is that "always set" results in two values and NextCloud
checks for a perfect match.
Removing "always" means header only gets added on "success" pages
and not error pages, so hopefully it still gets added in all
appropriate places.
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Sat, 17 Feb 2018 20:59:37 +0000 |
| parents | 9cf4ebd6d2ba |
| children | 4519b727cc4c |
line wrap: on
line source
Header always set Strict-Transport-Security "max-age=16070400; includeSubDomains" Header set X-Xss-Protection "1; mode=block" Header set X-Content-Type-Options "nosniff" Header set X-Frame-Options "SAMEORIGIN" RewriteCond %{HTTP_HOST} !=<%= @primary_name %> RewriteRule ^(.*)$ https://<%= @primary_name %>$1 [R=301,L]