summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2016-07-12 17:27:24 +0200
committerGuilhem Moulin <guilhem@fripost.org>2016-07-12 17:27:24 +0200
commite8cdae5ccc1aba3dc1e9991cce2942fdf93cabcb (patch)
tree81ca522ae1c3ae53479d0fd6fb5560fa4b0d4a99
parentab90bbd0a1983d8571a030fcd9d95d8576a0e8bc (diff)
HSTS: use the standard capitalization of includeSubDomains.
Cf. RFC 6797 sec. 6.1.2.
-rw-r--r--roles/common-web/files/etc/nginx/snippets/ssl.conf2
1 files changed, 1 insertions, 1 deletions
diff --git a/roles/common-web/files/etc/nginx/snippets/ssl.conf b/roles/common-web/files/etc/nginx/snippets/ssl.conf
index 4e2da6e..09082e7 100644
--- a/roles/common-web/files/etc/nginx/snippets/ssl.conf
+++ b/roles/common-web/files/etc/nginx/snippets/ssl.conf
@@ -19,7 +19,7 @@ ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECD
ssl_prefer_server_ciphers on;
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
-add_header Strict-Transport-Security 'max-age=15768000; includeSubdomains';
+add_header Strict-Transport-Security 'max-age=15768000; includeSubDomains';
# OCSP Stapling: fetch OCSP records from URL in ssl_certificate and cache them
# https://github.com/jsha/ocsp-stapling-examples/blob/master/nginx.conf