roles/nginx: Remove extra semi colon in HSTS preload header

Google's preload check application pointed out that there was an extra semi colon in the HTTP header: $ hstspreload checkdomain alaninkenya.org Warning: 1. Syntax warning: Header includes an empty directive or extra semicolon. The tool can be downloaded here: https://github.com/chromium/hstspreload Signed-off-by: Alan Orth <alan.orth@gmail.com>
2016-03-31 13:34:05 +03:00 · 2016-03-31 13:34:05 +03:00 · d50212c66c
parent fe6c733cae
commit d50212c66c
2 changed files with 2 additions and 2 deletions
--- a/roles/nginx/templates/https.j2
+++ b/roles/nginx/templates/https.j2
@ -52,5 +52,5 @@
    # Enable this if you want HSTS (recommended, but be careful)
    # Include all subdomains and indicate to Google that we want this pre-loaded in Chrome's HSTS store
    # See: https://hstspreload.appspot.com/
-    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
+    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" always;
    {% endif %}
--- a/roles/nginx/templates/vhost.conf.j2
+++ b/roles/nginx/templates/vhost.conf.j2
@ -71,7 +71,7 @@ server {
        # Enable this if you want HSTS (recommended, but be careful)
        # Include all subdomains and indicate to Google that we want this pre-loaded in Chrome's HSTS store
        # See: https://hstspreload.appspot.com/
-        add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
+        add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" always;
        {% endif %}

        include extra-security.conf;