aux/keyserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add missing max-age param to HPKP

Browse Source
This commit is contained in:
Tankred Hase 2016-06-10 17:58:19 +02:00
parent 7e9a17266b
commit 2d00917ff2
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/app.js
View File

@ -85,10 +85,10 @@ app.use(function *(next) {
// Set HTTP response headers // Set HTTP response headers
app.use(function *(next) { app.use(function *(next) {
if (util.isTrue(config.server.upgradeHTTPS)) { if (util.isTrue(config.server.upgradeHTTPS)) {
this.set('Strict-Transport-Security', 'max-age=31536000'); this.set('Strict-Transport-Security', 'max-age=16070400');
} }
if (config.server.publicKeyPin) { if (config.server.publicKeyPin) {
this.set('Public-Key-Pins', 'pin-sha256="' + config.server.publicKeyPin + '"'); this.set('Public-Key-Pins', 'pin-sha256="' + config.server.publicKeyPin + '"; max-age=16070400');
} }
this.set('Access-Control-Allow-Origin', '*'); this.set('Access-Control-Allow-Origin', '*');
this.set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS'); this.set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');