There should be a way to do this header off the zeus where we set the header for STS. Can we do this for Bugzilla? Not a major rush but would need to do soon. The header should look like this: Strict-Transport-Security: max-age=### where ### delta-seconds, high enough that most people will visit AMO before the expiry date. BTW, there is a bug in for Bugzilla the application to do this but not sure they have a priority on this.
We generally try not to create duplicate bugs for things that are really upstream issues.
Status: NEW → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 562475
This is for the Zeus, not for the Bugzilla code. Reopening..
Status: RESOLVED → REOPENED
Resolution: DUPLICATE → ---
Created attachment 454203 [details] [diff] [review] patch - v1 Backport of upstream patch to 3.6 plus a few bmo-only changes.
Assignee: nobody → reed
Status: REOPENED → ASSIGNED
Committing to: bzr+ssh://bzr.mozilla.org/bmo/3.6/ modified Bugzilla/CGI.pm modified Bugzilla/Constants.pm Committed revision 7109.
Status: ASSIGNED → RESOLVED
Last Resolved: 8 years ago → 8 years ago
Depends on: 558044
Resolution: --- → FIXED
Component: Bugzilla: Other b.m.o Issues → General
Product: mozilla.org → bugzilla.mozilla.org
You need to log in before you can comment on or make changes to this bug.