HSTS redirects from http to https should just elevate security and not redirect to a different subdomain.

Although it supposes two redirects (http->https and then libravatar -> www.libravatar.org), that's the correct way for HSTS.

Michal Novotny <clime@redhat.com> wrote (Thu, Feb 21, 2019, 14:51):
On Thu, Feb 21, 2019 at 12:51 PM Till Maas <opensource@till.name> wrote:
>
> On Thu, Feb 21, 2019 at 09:40:16AM +0100, Michal Novotny wrote:
>
> > We, as a libravatar group, are very happy that Fedora Infra provided
> > us with the needed
> > hardware. We will keep the service running by our own effort.
>
> What is the right place to report errors in the web server configuration
> regarding the Strict Transport Security HTTP header? There are two
> issues:
>
> - it does not contain includeSubDomains
> - http://libravatar.org does not redirect directly to
>   https://libravatar.org but to the www subdomain instead.

Till, thank you for checking it! That's very valuable to us
and to me as well.

I've added IncludeSubDomains directive to HSTS declarations.
Can you take a look?

I am not sure why http://libravatar.org to https://www.libravatar.org
redirect is bad. Can you, please, explain?

Thank you
clime


>
> Kind regards
> Till
> _______________________________________________
> devel mailing list -- devel@lists.fedoraproject.org
> To unsubscribe send an email to devel-leave@lists.fedoraproject.org
> Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
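
The two points raised in this thread, as an added example that is not part of the original messages or of the libravatar configuration: a Python check over a recorded redirect chain that reports when the first hop leaves the original host and when that host's HTTPS response lacks HSTS with includeSubDomains. The function names, the sample chains and the max-age values are constructed for illustration.

```python
from urllib.parse import urlsplit

def header(headers, name):  # case-insensitive header lookup
    return {k.lower(): v for k, v in headers.items()}.get(name.lower())

def has_include_subdomains(hsts_value):
    """True if the Strict-Transport-Security value carries includeSubDomains."""
    directives = [d.strip().lower() for d in hsts_value.split(";")]
    return "includesubdomains" in directives

def audit_chain(chain):
    """chain: list of (url, status, headers) hops, starting at the http:// URL.
    Returns a list of findings; an empty list means both checks pass."""
    findings = []
    host = urlsplit(chain[0][0]).hostname
    location = header(chain[0][2], "Location") or ""
    target = urlsplit(location)
    # Check 1: the first hop only upgrades the scheme and keeps the host.
    if target.scheme != "https" or target.hostname != host:
        findings.append(f"first redirect goes to {location!r}, not https://{host}/")
    # Check 2: the original host's HTTPS response sets HSTS with includeSubDomains.
    for url, _status, headers in chain[1:]:
        hop = urlsplit(url)
        if hop.scheme == "https" and hop.hostname == host:
            hsts = header(headers, "Strict-Transport-Security")
            if hsts is None:
                findings.append(f"{url} sends no Strict-Transport-Security header")
            elif not has_include_subdomains(hsts):
                findings.append(f"{url} HSTS header lacks includeSubDomains")
            break
    else:
        findings.append(f"https://{host}/ is never visited, so it cannot set HSTS")
    return findings

# Constructed sample chains (header values are illustrative, not captured).
BEFORE = [
    ("http://libravatar.org/", 301, {"Location": "https://www.libravatar.org/"}),
    ("https://www.libravatar.org/", 200, {"Strict-Transport-Security": "max-age=31536000"}),
]
AFTER = [
    ("http://libravatar.org/", 301, {"Location": "https://libravatar.org/"}),
    ("https://libravatar.org/", 301, {"Location": "https://www.libravatar.org/",
        "Strict-Transport-Security": "max-age=31536000; includeSubDomains"}),
    ("https://www.libravatar.org/", 200,
        {"Strict-Transport-Security": "max-age=31536000; includeSubDomains"}),
]

if __name__ == "__main__":
    print(audit_chain(BEFORE), audit_chain(AFTER))
```
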