[ https://issues.apache.org/jira/browse/KNOX-1017?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Larry McCay updated KNOX-1017: ------------------------------ Resolution: Fixed Status: Resolved (was: Patch Available) [~lappanna] - I just committed this to master and it will be available in 0.14.0/1.0.0. Thank you for this contribution to the WebAppSec module! I have also filed KNOX-1090 for adding documentation for this feature. Please take a look at that. > Add support for enabling "Strict-Transport-Security" header in Knox > responses > ------------------------------------------------------------------------------- > > Key: KNOX-1017 > URL: https://issues.apache.org/jira/browse/KNOX-1017 > Project: Apache Knox > Issue Type: Improvement > Components: Server > Reporter: Latha Appanna > Assignee: Latha Appanna > Labels: headers > Fix For: 0.14.0 > > Attachments: KNOX-1017.patch > > > The HTTP Strict-Transport-Security response header is a security feature that > lets a web site tell browsers that it should only be communicated with using > HTTPS, instead of using HTTP. Possible values are: > > * max-age=<expire-time> > * max-age=<expire-time>; includeSubDomains > * max-age=<expire-time>; preload -- This message was sent by Atlassian JIRA (v6.4.14#64029)