From f523e5335f7f6bf95d6174039cb512aeca75af65 Mon Sep 17 00:00:00 2001
From: Clement Michaud <clement.michaud34@gmail.com>
Date: Sun, 15 Oct 2017 17:18:15 +0200
Subject: [PATCH] Use HSTS in example

---
 example/nginx/nginx.conf | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/example/nginx/nginx.conf b/example/nginx/nginx.conf
index 5e8a0496b..5c2150253 100644
--- a/example/nginx/nginx.conf
+++ b/example/nginx/nginx.conf
@@ -30,6 +30,7 @@ http {
         ssl_certificate     /etc/ssl/server.crt;
         ssl_certificate_key /etc/ssl/server.key;
 
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
 
         location / {
             proxy_set_header  X-Original-URI $request_uri;
@@ -58,6 +59,8 @@ http {
         ssl on;
         ssl_certificate     /etc/ssl/server.crt;
         ssl_certificate_key /etc/ssl/server.key;
+
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
     }
 
     server {
@@ -70,6 +73,8 @@ http {
         ssl_certificate     /etc/ssl/server.crt;
         ssl_certificate_key /etc/ssl/server.key;
 
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
         location /auth_verify {
             internal;
             proxy_set_header  X-Original-URI $request_uri;
@@ -124,6 +129,8 @@ http {
         ssl_certificate     /etc/ssl/server.crt;
         ssl_certificate_key /etc/ssl/server.key;
 
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
         location /auth_verify {
             internal;
             proxy_set_header  X-Original-URI $request_uri;
@@ -161,6 +168,8 @@ http {
         ssl_certificate     /etc/ssl/server.crt;
         ssl_certificate_key /etc/ssl/server.key;
 
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
         location /auth_verify {
             internal;
             proxy_set_header  X-Original-URI $request_uri;
@@ -198,6 +207,8 @@ http {
         ssl_certificate     /etc/ssl/server.crt;
         ssl_certificate_key /etc/ssl/server.key;
 
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
         location /auth_verify {
             internal;
             proxy_set_header  X-Original-URI $request_uri;
@@ -235,6 +246,8 @@ http {
         ssl_certificate     /etc/ssl/server.crt;
         ssl_certificate_key /etc/ssl/server.key;
 
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
         location /auth_verify {
             internal;
             proxy_set_header  X-Original-URI $request_uri;