Merge pull request #987 from cremesk/main
relax HSTS header checkup to only require a max age
This commit is contained in:
commit
2834842f3a
1 changed files with 1 additions and 2 deletions
|
@ -1579,8 +1579,7 @@ define([
|
|||
var HSTS = H['strict-transport-security'];
|
||||
|
||||
// check for a numerical value of max-age
|
||||
// and the use of includeSubDomains
|
||||
if (/max\-age=\d+/.test(HSTS) && /includeSubDomains/.test(HSTS)) {
|
||||
if (/max\-age=\d+/.test(HSTS)) {
|
||||
return void cb(true);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue