From 87edf182d4b0f27c76413ed2e29408a604bb2273 Mon Sep 17 00:00:00 2001
From: Jianjun Zhu <jianjun.zhu@intel.com>
Date: Tue, 26 Mar 2019 14:54:01 +0800
Subject: [PATCH] Enable HSTS and specify encoding format for HTML pages.

---
 src/samples/conference/public/index.html   | 2 +-
 src/samples/conference/samplertcservice.js | 2 ++
 src/samples/p2p/peercall.html              | 1 +
 3 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/samples/conference/public/index.html b/src/samples/conference/public/index.html
index b4266bb7..689c92c1 100644
--- a/src/samples/conference/public/index.html
+++ b/src/samples/conference/public/index.html
@@ -27,7 +27,7 @@
 -->
 
 <html>
-
+  <meta charset="utf-8">
   <head>
     <title>Intel&reg; Collaboration Suite for WebRTC Conference Sample</title>
   </head>
diff --git a/src/samples/conference/samplertcservice.js b/src/samples/conference/samplertcservice.js
index 5ebb2c5d..0733f9e1 100644
--- a/src/samples/conference/samplertcservice.js
+++ b/src/samples/conference/samplertcservice.js
@@ -48,11 +48,13 @@ app.use(bodyParser.json());
 app.use(bodyParser.urlencoded({
   extended: true
 }));
+app.disable('x-powered-by');
 
 app.use(function(req, res, next) {
   res.header('Access-Control-Allow-Origin', '*');
   res.header('Access-Control-Allow-Methods', 'POST, GET, PUT, PATCH, OPTIONS, DELETE');
   res.header('Access-Control-Allow-Headers', 'origin, content-type');
+  res.header('Strict-Transport-Security', 'max-age=1024000; includeSubDomain');
   if (req.method == 'OPTIONS') {
     res.send(200);
   } else {
diff --git a/src/samples/p2p/peercall.html b/src/samples/p2p/peercall.html
index fac977d5..810c81e2 100644
--- a/src/samples/p2p/peercall.html
+++ b/src/samples/p2p/peercall.html
@@ -7,6 +7,7 @@
 <!DOCTYPE html>
 
 <head>
+  <meta charset="utf-8">
   <title>Intel&reg; Collaboration Suite for WebRTC P2P Direct Call Sample</title>
   <style>
     html{