yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated hsts urls

Browse Source
This commit is contained in:
Ollie Philpott
2019-05-08 11:11:47 +01:00
parent dae8802c50
commit bea1d35ebf
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Umbraco.Web/HealthCheck/Checks/Security/HstsCheck.cs
View File

@@ -11,9 +11,9 @@ namespace Umbraco.Web.HealthCheck.Checks.Security
public class HstsCheck : BaseHttpHeaderCheck
{
// The check is mostly based on the instructions in the OWASP CheatSheet
// (https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet)
// (https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.md)
// and the blog post of Troy Hunt (https://www.troyhunt.com/understanding-http-strict-transport/)
// If you want do to it perfectly, you have to submit it https://hstspreload.appspot.com/,
// If you want do to it perfectly, you have to submit it https://hstspreload.org/,
// but then you should include subdomains and I wouldn't suggest to do that for Umbraco-sites.
public HstsCheck(IRuntimeState runtime, ILocalizedTextService textService)
: base(runtime, textService, "Strict-Transport-Security", "max-age=10886400", "hSTS", true)