Yuri wrote:
Try to add this: # Disable HSTS reply_header_access Strict-Transport-Security deny all reply_header_replace Strict-Transport-Security max-age=0; includeSubDomains
Sorry, but no difference. I placed them between these keywords -- just above the request_header_add comment (if that makes any difference). # TAG: reply_header_replace # Usage: reply_header_replace header_name message # Example: reply_header_replace Server Foo/1.0 # # This option allows you to change the contents of headers # denied with reply_header_access above, by replacing them # with some fixed string. # # This only applies to reply headers, not request headers. # # By default, headers are removed if denied. #Default: # none #Disable HSTS reply_header_access Strict-Transport-Security deny all reply_header_replace Strict-Transport-Security max-age=0; includeSubDomains # TAG: request_header_add # Usage: request_header_add field-name field-value acl1 [acl2] ... # Example: request_header_add X-Client-CA "CA=%ssl::>cert_issuer" all # _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users