From 0f994692435d7be4f94492294113db3b5dbc17a1 Mon Sep 17 00:00:00 2001
From: syuilo <syuilotan@yahoo.co.jp>
Date: Thu, 12 Apr 2018 05:54:54 +0900
Subject: [PATCH] HSTS

Co-Authored-By: tamaina <tamaina@hotmail.co.jp>
---
 src/server/index.ts | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/server/index.ts b/src/server/index.ts
index abb8992da5..9358cce2ac 100644
--- a/src/server/index.ts
+++ b/src/server/index.ts
@@ -41,6 +41,17 @@ app.use((req, res, next) => {
 	next();
 });
 
+/**
+ * HSTS
+ * 6month(15552000sec)
+ */
+if (config.url.startsWith('https')) {
+	app.use((req, res, next) => {
+		res.header('strict-transport-security', 'max-age=15552000; preload');
+		next();
+	});
+}
+
 // Drop request when without 'Host' header
 app.use((req, res, next) => {
 	if (!req.headers['host']) {