HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

HTTP Header Location?

I see that the HSTS/preload/etc options are set in the conf. But where are the frame-ancestors 'self' and default cache-control headers for Vanilla? The default seems to be set to public, max-age=120?

Setting directives in the nginx conf or .htaccess can't actually override the headers.

Tagged:

Comments

Sign In or Register to comment.