fix hsts header

2017-08-28 01:52:22 +02:00 · 2017-08-28 01:52:22 +02:00 · af407ff1f2
parent 16f6739189
commit af407ff1f2
1 changed files with 1 additions and 1 deletions
--- a/app.py
+++ b/app.py
@ -85,7 +85,7 @@ def install_security_headers(resp):
    resp.headers.set('Content-Security-Policy', csp)

    if app.config.get('HTTPS'):
-        resp.headers.set('strict-transport-security', 'max-age: {}'.format(60*60*24*365))
+        resp.headers.set('strict-transport-security', 'max-age={}'.format(60*60*24*365))

    resp.headers.set('referrer-policy', 'no-referrer')
    resp.headers.set('x-content-type-options', 'nosniff')