diff --git a/example/nginx/nginx.conf b/example/nginx/nginx.conf index 5e8a0496b..5c2150253 100644 --- a/example/nginx/nginx.conf +++ b/example/nginx/nginx.conf @@ -30,6 +30,7 @@ http { ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; location / { proxy_set_header X-Original-URI $request_uri; @@ -58,6 +59,8 @@ http { ssl on; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; + + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; } server { @@ -70,6 +73,8 @@ http { ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + location /auth_verify { internal; proxy_set_header X-Original-URI $request_uri; @@ -124,6 +129,8 @@ http { ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + location /auth_verify { internal; proxy_set_header X-Original-URI $request_uri; @@ -161,6 +168,8 @@ http { ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + location /auth_verify { internal; proxy_set_header X-Original-URI $request_uri; @@ -198,6 +207,8 @@ http { ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + location /auth_verify { internal; proxy_set_header X-Original-URI $request_uri; @@ -235,6 +246,8 @@ http { ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + location /auth_verify { internal; proxy_set_header X-Original-URI $request_uri;