Uploaded image for project: 'Camunda Optimize'
  1. Camunda Optimize
  2. OPT-6724

Increase default HSTS header max age to 2 years

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Fixed
    • Icon: L3 - Default L3 - Default
    • 3.10.0-alpha4, 3.9.4
    • None
    • backend
    • None
    • Not defined

      As per INFOSEC-67, we should increase the default max age to 2 years rather than the existing one year. This is in line with recommended values.

      ATs:

      • The default value is set to 2 years in our config
      • The value can be overridden via environment variable
      • Our documentation is updated to reflect the change

      Testing notes:

      • The setting can be configured with env var: 

      CAMUNDA_OPTIMIZE_SECURITY_RESPONSE_HEADERS_HSTS_MAX_AGE

        This is the controller panel for Smart Panels app

              Unassigned Unassigned
              joshua.windels Joshua Windels
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: