From afe2041e94e5b95a41c38ba03d3781b423757f7c Mon Sep 17 00:00:00 2001
From: "Michael Kaufmann (d00p)" <d00p@froxlor.org>
Date: Sat, 6 Dec 2014 19:47:27 +0100
Subject: [PATCH] set max-age for Strict-Transport-Security header to >180days,
 thx to priority

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
---
 lib/init.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/init.php b/lib/init.php
index 4b333157..1026d1ed 100644
--- a/lib/init.php
+++ b/lib/init.php
@@ -41,7 +41,7 @@ header("X-Frame-Options: DENY");
 
 // If Froxlor was called via HTTPS -> enforce it for the next time
 if (isset($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS']) != 'off')) {
-	header("Strict-Transport-Security: max-age=500");
+	header("Strict-Transport-Security: max-age=15768000");
 }
 
 // Internet Explorer shall not guess the Content-Type, see: