liz/wikijs-fork
liz/wikijs-fork
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: HSTS header max-age value (#3225)

Browse Source
This commit is contained in:
pylr 2021-03-19 02:53:55 +01:00 committed by GitHub
parent 5ffa189383
commit e87d511978
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/middlewares/security.js
View File

@ -33,7 +33,7 @@ module.exports = function (req, res, next) {
// -> Enforce HSTS // -> Enforce HSTS
if (WIKI.config.security.securityHSTS) { if (WIKI.config.security.securityHSTS) {
res.set('Strict-Transport-Security', `max-age=${WIKI.config.securityHSTSDuration}; includeSubDomains`) res.set('Strict-Transport-Security', `max-age=${WIKI.config.security.securityHSTSDuration}; includeSubDomains`)
} }
// -> Prevent Open Redirect from user provided URL // -> Prevent Open Redirect from user provided URL