On Thu, Feb 21, 2019 at 12:51 PM Till Maas <opensource@xxxxxxxxx> wrote: > > On Thu, Feb 21, 2019 at 09:40:16AM +0100, Michal Novotny wrote: > > > We, as a libravatar group, are very happy that Fedora Infra provided > > us with the needed > > hardware. We will keep the service running by our own effort. > > What is the right place report errors in the web server configuration > regarding the Strict Transport Security HTTP header? There are two > issues: > > - it does not contain includeSubDomains > - http://libravatar.org odes not redirect directly to > https://libravatar.org but to the www subdomain instead. Till, thank you for checking it! That's very valuable to us and to me as well. I've added IncludeSubDomains directive to HSTS declarations. Can you take a look? I am not sure why http://libravatar.org to https://www.libravatar.org redirect is bad. Can you, please, explain? Thank you clime > > Kind regards > Till > _______________________________________________ > devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
