HTTP Security Headers
#7903
Replies: 1 comment
-
|
Hi, I am bumping this thread because it is something we also really need. I guess op brought a solution. Would you please be able to address this feature request? Many thanks |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hello!
We have a requirement in Gogs to enable HSTS, see: https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html
This could be achieved in Gogs by adding this to the HTTP HEADERS
Strict-Transport-Security: max-age=31536000; includeSubDomains; preloadI believe this was discussed under #2782
Can we get this on the roadmap please?
We don't have any reverse proxy software, only Docker and Gogs running on Port 443
Beta Was this translation helpful? Give feedback.
All reactions