[
https://issues.apache.org/jira/browse/KNOX-2594?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Larry McCay resolved KNOX-2594.
-------------------------------
Resolution: Invalid
Resolving as Invalid since it is already supported via the 'strict.transport '
config param as documented in above link.
> Add includeSubDomains to HSTS Support in WebAppSec Provider
> -----------------------------------------------------------
>
> Key: KNOX-2594
> URL: https://issues.apache.org/jira/browse/KNOX-2594
> Project: Apache Knox
> Issue Type: Improvement
> Components: Server
> Reporter: Larry McCay
> Assignee: Larry McCay
> Priority: Major
> Fix For: 1.6.0
>
>
> HSTS has an additional directive that should be supported by our WebAppSec
> provider called includeSubDomains. This patch will extend the existing
> support to include optionally include it.
> As a reference, Shiro has such support for HSTS and includeSubDomains:
> https://github.com/apache/shiro/blob/main/web/src/main/java/org/apache/shiro/web/filter/authz/SslFilter.java
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
