Send Strict-Transport-Security header in 401 response
Francis Daly
francis at daoine.org
Sun Jun 19 09:57:34 UTC 2016
On Sun, Jun 19, 2016 at 11:51:28AM +0200, Thomas Glanzmann wrote:
Hi there,
> I would like to send the header:
>
> add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
>
> Despite the 401 Unauthorized request. Is that possible?
http://nginx.org/r/add_header
That suggests that you can use an "always" parameter.
Is that appropriate in this case?
If not, then possibly the third-party "headers more" module may be useful.
f
--
Francis Daly francis at daoine.org
More information about the nginx
mailing list