remove includeSubdomains #109
Comments
|
Are you able to override this w/ a custom include? https://github.com/jwilder/nginx-proxy#proxy-wide |
|
the problem is that dev.app.com and stage.app.com are running on different servers and in the case of dev, I'm not running behind nginx, but the browser caches that data so I had to host file a different domain to get it to stop redirecting to https. |
|
I meant override it site-wide at the proxy level to remove the subdomain part. You would add that where you are running nginx-proxy. |
|
Not sure how I would remove the includeSubdomains when overriding. Can you let me know what the conf would have in it? |
jwilder
added a commit
that referenced
this issue
Feb 28, 2015
includeSubdomains can lead to issues where not all subdomains are able to use HTTPS. This options might be too strict for the general case: https://www.owasp.org/index.php/HTTP_Strict_Transport_Security. It can be re-enabled w/ a custom template if needed. Fixes #109
|
Thanks |
byrnedo
pushed a commit
to byrnedo/nginx-proxy
that referenced
this issue
May 8, 2015
includeSubdomains can lead to issues where not all subdomains are able to use HTTPS. This options might be too strict for the general case: https://www.owasp.org/index.php/HTTP_Strict_Transport_Security. It can be re-enabled w/ a custom template if needed. Fixes nginx-proxy#109
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
https://github.com/jwilder/nginx-proxy/blob/master/nginx.tmpl#L108
I think includeSubdomains should be removed here. This bit me pretty hard without realizing that dev.app.com and stage.app.com would be automatically redirected to ssl too and I don't have a cert for those urls.
The text was updated successfully, but these errors were encountered: