dnrops
/
cryptpad
mirror of https://github.com/xwiki-labs/cryptpad
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

relex HSTS header checkup to only require a max age 

Signed-off-by: creme <creme@envs.net>
This commit is contained in:
creme 2022-12-16 17:44:02 +01:00
parent a7463c1987
commit 940d7d3118
No known key found for this signature in database
GPG Key ID: C147C3B7FBDF08D0
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
www/checkup/main.js
View File

@ -1579,8 +1579,7 @@ define([
var HSTS = H['strict-transport-security'];
// check for a numerical value of max-age
// and the use of includeSubDomains
if (/max\-age=\d+/.test(HSTS) && /includeSubDomains/.test(HSTS)) {
if (/max\-age=\d+/.test(HSTS)) {
return void cb(true);
}