Bump max-age for HSTS

author: Omar Roth <omarroth@porotonmail.com> 2019-04-30 20:53:56 -0500
committer: Omar Roth <omarroth@porotonmail.com> 2019-04-30 20:53:56 -0500
commit: 734905d1f7b0dd3fd0417b91d28b2a3ec132b124 (patch)
tree: c02ed32f8eaf56ac0d3f9509392bee9ba0a2eb5d /src
parent: 90edf2fc60ccf03e3efdeba8f1e1e77d5df8e099 (diff)
download: invidious-734905d1f7b0dd3fd0417b91d28b2a3ec132b124.tar.gz
invidious-734905d1f7b0dd3fd0417b91d28b2a3ec132b124.tar.bz2
invidious-734905d1f7b0dd3fd0417b91d28b2a3ec132b124.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/invidious.cr b/src/invidious.cr
index 0690c1d8..2e031c7d 100644
--- a/src/invidious.cr
+++ b/src/invidious.cr
@@ -188,7 +188,7 @@ before_all do |env|
   env.response.headers["Referrer-Policy"] = "same-origin"
 
   if Kemal.config.ssl || config.https_only
-    env.response.headers["Strict-Transport-Security"] = "max-age=604800; includeSubDomains"
+    env.response.headers["Strict-Transport-Security"] = "max-age=31536000; includeSubDomains; preload"
   end
 
   begin
@@ -5189,7 +5189,7 @@ if Kemal.config.ssl
         redirect_url += "?#{env.request.query}"
       end
 
-      env.response.headers["Strict-Transport-Security"] = "max-age=604800; includeSubDomains"
+      env.response.headers["Strict-Transport-Security"] = "max-age=31536000; includeSubDomains; preload"
       env.response.headers["Location"] = redirect_url
       env.response.status_code = 301
     end
author	Omar Roth <omarroth@porotonmail.com>	2019-04-30 20:53:56 -0500
committer	Omar Roth <omarroth@porotonmail.com>	2019-04-30 20:53:56 -0500
commit	734905d1f7b0dd3fd0417b91d28b2a3ec132b124 (patch)
tree	c02ed32f8eaf56ac0d3f9509392bee9ba0a2eb5d /src
parent	90edf2fc60ccf03e3efdeba8f1e1e77d5df8e099 (diff)
download	invidious-734905d1f7b0dd3fd0417b91d28b2a3ec132b124.tar.gz invidious-734905d1f7b0dd3fd0417b91d28b2a3ec132b124.tar.bz2 invidious-734905d1f7b0dd3fd0417b91d28b2a3ec132b124.zip