From 5587d66ad8b14e851e07eb4ff214e2dc49c7c57e Mon Sep 17 00:00:00 2001
From: =?utf8?q?Felix=20D=C3=B6rre?= <felix@dogcraft.de>
Date: Fri, 4 Jul 2014 00:06:12 +0200
Subject: [PATCH] Adding STS.

---
 src/org/cacert/gigi/Gigi.java | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/org/cacert/gigi/Gigi.java b/src/org/cacert/gigi/Gigi.java
index 96afcb9d..78c3373e 100644
--- a/src/org/cacert/gigi/Gigi.java
+++ b/src/org/cacert/gigi/Gigi.java
@@ -152,6 +152,7 @@ public class Gigi extends HttpServlet {
 		hsr.addHeader("Access-Control-Max-Age", "60");
 
 		hsr.addHeader("Content-Security-Policy", getDefaultCSP());
+		hsr.addHeader("Strict-Transport-Security", "max-age=31536000");
 
 	}
 	private static String defaultCSP = null;
-- 
2.39.2