www/nginx: drop anti HSTS rule in server -> security headers

opnsense · fabianfrz · Apr 2, 2019 · Mar 30, 2019 · Mar 31, 2019 · Mar 31, 2019
commit 26fff9cdd527988c2d147d81e1a8f1f3f02dcd54
diff --git a/www/nginx/src/opnsense/service/templates/OPNsense/Nginx/http.conf b/www/nginx/src/opnsense/service/templates/OPNsense/Nginx/http.conf
@@ -95,7 +95,6 @@ server {
     ssl_session_cache shared:SSL:50m;
     ssl_session_tickets off;
     ssl_prefer_server_ciphers on;
-{%     do our_headers.append('Strict-Transport-Security') %}
     sendfile {% if server.sendfile is defined and server.sendfile == '1' %}On{% else %}Off{% endif %};
 {%   endif %}
     server_name  {{ server.servername.replace(',', ' ') }};