From 657cb0dbf682834c1237d914234dc7eb45e2db3c Mon Sep 17 00:00:00 2001
From: Jose Luis Duran <jlduran@users.noreply.github.com>
Date: Wed, 6 Jan 2016 00:57:04 -0200
Subject: Remove preload token from HSTS header

Please see the documentation on how to include your domain in the
preload lists:

https://hstspreload.appspot.com
---
 src/etc/inc/system.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/etc/inc/system.inc')

diff --git a/src/etc/inc/system.inc b/src/etc/inc/system.inc
index 847879d..3890f72 100644
--- a/src/etc/inc/system.inc
+++ b/src/etc/inc/system.inc
@@ -1273,7 +1273,7 @@ EOD;
 		$nginx_config .= "\t\tssl_protocols   TLSv1 TLSv1.1 TLSv1.2;\n";
 		$nginx_config .= "\t\tssl_ciphers \"EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH\";\n";
 		$nginx_config .= "\t\tssl_prefer_server_ciphers       on;\n";
-		$nginx_config .= "\t\tadd_header Strict-Transport-Security \"max-age=31536000; preload\";\n";
+		$nginx_config .= "\t\tadd_header Strict-Transport-Security \"max-age=31536000\";\n";
 		$nginx_config .= "\t\tadd_header X-Content-Type-Options nosniff;\n";
 		$nginx_config .= "\t\tssl_session_tickets off;\n";
 		$nginx_config .= "\t\tssl_stapling on;\n";
-- 
cgit v1.1