HSTS
Co-Authored-By: tamaina <tamaina@hotmail.co.jp>
This commit is contained in:
parent
b846eb8afe
commit
0f99469243
|
@ -41,6 +41,17 @@ app.use((req, res, next) => {
|
|||
next();
|
||||
});
|
||||
|
||||
/**
|
||||
* HSTS
|
||||
* 6month(15552000sec)
|
||||
*/
|
||||
if (config.url.startsWith('https')) {
|
||||
app.use((req, res, next) => {
|
||||
res.header('strict-transport-security', 'max-age=15552000; preload');
|
||||
next();
|
||||
});
|
||||
}
|
||||
|
||||
// Drop request when without 'Host' header
|
||||
app.use((req, res, next) => {
|
||||
if (!req.headers['host']) {
|
||||
|
|
Loading…
Reference in a new issue