-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
remove includeSubdomains #109
Comments
Are you able to override this w/ a custom include? https://github.com/jwilder/nginx-proxy#proxy-wide |
the problem is that dev.app.com and stage.app.com are running on different servers and in the case of dev, I'm not running behind nginx, but the browser caches that data so I had to host file a different domain to get it to stop redirecting to https. |
I meant override it site-wide at the proxy level to remove the subdomain part. You would add that where you are running nginx-proxy. |
Not sure how I would remove the includeSubdomains when overriding. Can you let me know what the conf would have in it? |
includeSubdomains can lead to issues where not all subdomains are able to use HTTPS. This options might be too strict for the general case: https://www.owasp.org/index.php/HTTP_Strict_Transport_Security. It can be re-enabled w/ a custom template if needed. Fixes #109
Thanks |
includeSubdomains can lead to issues where not all subdomains are able to use HTTPS. This options might be too strict for the general case: https://www.owasp.org/index.php/HTTP_Strict_Transport_Security. It can be re-enabled w/ a custom template if needed. Fixes nginx-proxy#109
https://github.com/jwilder/nginx-proxy/blob/master/nginx.tmpl#L108
I think includeSubdomains should be removed here. This bit me pretty hard without realizing that dev.app.com and stage.app.com would be automatically redirected to ssl too and I don't have a cert for those urls.
The text was updated successfully, but these errors were encountered: