From: Rafael dos Santos Silva Date: Fri, 14 Jul 2017 02:37:48 +0000 (-0300) Subject: FIX: HSTS header was overwrote by Referrer-Policy add_header X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=d03f5ef1e260a1ae1f2bd9b37d4df3a00790d066;p=discourse_docker.git FIX: HSTS header was overwrote by Referrer-Policy add_header --- diff --git a/templates/web.ssl.template.yml b/templates/web.ssl.template.yml index 76b600e..681abdc 100644 --- a/templates/web.ssl.template.yml +++ b/templates/web.ssl.template.yml @@ -37,3 +37,9 @@ run: if ($http_host != $$ENV_DISCOURSE_HOSTNAME) { rewrite (.*) https://$$ENV_DISCOURSE_HOSTNAME$1 permanent; } + - replace: + filename: "/etc/nginx/conf.d/discourse.conf" + from: /add_header Referrer-Policy 'no-referrer-when-downgrade';/m + to: | + add_header Referrer-Policy 'no-referrer-when-downgrade'; + add_header Strict-Transport-Security 'max-age=31536000'; # remember the certificate for a year and automatically connect to HTTPS for this domain