lib/cuba/safe/secure_headers.rb in cuba-3.5.0 vs lib/cuba/safe/secure_headers.rb in cuba-3.6.0
- old
+ new
@@ -27,10 +27,10 @@
"X-Content-Type-Options" => "nosniff",
"X-Download-Options" => "noopen",
"X-Frame-Options" => "SAMEORIGIN",
"X-Permitted-Cross-Domain-Policies" => "none",
"X-XSS-Protection" => "1; mode=block",
- "Strict-Transport-Security" => "max-age=631138519; includeSubdomains; preload"
+ "Strict-Transport-Security" => "max-age=2628000"
}
def self.setup(app)
app.settings[:default_headers].merge!(HEADERS)
end