[CONFIG] add HSTS header

2016-05-31 13:56:46 +02:00 · 2016-05-31 13:56:46 +02:00 · 0d944ae8e4
parent 88b6033520
commit 0d944ae8e4
1 changed files with 1 additions and 0 deletions
--- a/site/config/config.php
+++ b/site/config/config.php
@ -3,6 +3,7 @@ header("Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-in
 //header("X-Content-Type-Options: nosniff");  // enabled at server-side
 //header("X-Frame-Options: deny");            // enabled at server-side
 //header("X-Xss-Protection: 1; mode=block");  // enabled at server-side
+header("Strict-Transport-Security: max-age=31536000");

 /*
 License Setup