opendev
/
puppet-openstackid
Code Issues Proposed changes

Fixing results from ZAP Scanning Report 

added header Strict-Transport-Security Header Not Set

Change-Id: I22b14e30738254ebd3e847003f16a4ad3863ed8a
Signed-off-by: smarcet <smarcet@gmail.com>
This commit is contained in:
smarcet 2020-03-23 02:04:27 -03:00
parent 21c361bd96
commit 954b03a75f
2 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
manifests/init.pp
View File

@ -462,6 +462,7 @@ class openstackid (
class { 'apache::mod::ssl': }
class { 'apache::mod::rewrite': }
class { 'apache::mod::proxy': }
class { 'apache::mod::headers': }
apache::mod { 'proxy_fcgi': }

2
templates/vhost.erb
View File

@ -46,5 +46,7 @@
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000<%= @docroot %>/$1 retry=0 timeout=1800
Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains; preload"
</VirtualHost>
</IfModule>