From 254fc9d66c00bc4fe5a3fc6f82b6e9c69e792a07 Mon Sep 17 00:00:00 2001
From: XhmikosR <xhmikosr@gmail.com>
Date: Fri, 28 Oct 2016 10:37:21 +0300
Subject: [PATCH] Add HSTS header. (#784)

---
 app.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app.js b/app.js
index 4de58a931..01023f726 100644
--- a/app.js
+++ b/app.js
@@ -75,6 +75,7 @@ app.use(function (req, res, next) {
     res.setHeader('Cache-Control', 'public, max-age=' + oneHourToSec);
     res.setHeader('Expires', new Date(Date.now() + oneHourToMilliSec).toUTCString());
     res.setHeader('Last-Modified', new Date().toUTCString());
+    res.setHeader('Strict-Transport-Security', 'max-age=16070400; includeSubDomains; preload');
     res.setHeader('Accept-Ranges', 'bytes');
     res.setHeader('X-Content-Type-Options', 'nosniff');
     res.setHeader('X-Frame-Options', 'DENY');