Mercurial > repos > other > Puppet

changeset 105:e50dab7495d7 puppet-3.6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Make sure that we're always setting HSTS headers, even when cannonicalising domains
author IBBoard <dev@ibboard.co.uk>
date Sat, 23 Apr 2016 16:28:47 +0100
parents 32d9331af12c
children ef0926ee389a
files modules/website/manifests/https.pp modules/website/manifests/https/redir.pp
diffstat 2 files changed, 2 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/modules/website/manifests/https.pp	Thu Apr 21 20:53:37 2016 +0100
+++ b/modules/website/manifests/https.pp	Sat Apr 23 16:28:47 2016 +0100
@@ -29,7 +29,7 @@
   $logpart = $shortname
   $shortdomain = domain_to_short_domain($name)
 
-  $custom_conf0 = 'Header add Strict-Transport-Security "max-age=16070400; includeSubDomains"'
+  $custom_conf0 = 'Header always set Strict-Transport-Security "max-age=16070400; includeSubDomains"'
 
   if $force_no_index {
     $custom_conf1 = "$custom_conf0
--- a/modules/website/manifests/https/redir.pp	Thu Apr 21 20:53:37 2016 +0100
+++ b/modules/website/manifests/https/redir.pp	Sat Apr 23 16:28:47 2016 +0100
@@ -97,7 +97,7 @@
     docroot_group   => $group,
     redirect_status => 'permanent',
     redirect_dest   => $redir,
-    custom_fragment => 'Header add Strict-Transport-Security "max-age=16070400; includeSubDomains"',
+    custom_fragment => 'Header always set Strict-Transport-Security "max-age=16070400; includeSubDomains"',
     logroot         => '/var/log/apache/',
     access_log_file => "access_${logpart}${log_extra}.log",
     error_log_file  => "error_${logpart}${log_extra}.log",