diff --git a/lib/middleware/helmet.js b/lib/middleware/helmet.js index 3107e6b0fc..5b54f4d34e 100644 --- a/lib/middleware/helmet.js +++ b/lib/middleware/helmet.js @@ -3,6 +3,11 @@ const helmet = require('helmet'); module.exports = function(config) { if (config.enableHelmet) { return helmet({ + hsts: { + maxAge: 63072000, + includeSubDomains: true, + preload: true, + }, contentSecurityPolicy: { directives: { defaultSrc: [