You don’t need to reproduce it – I wrote where exactly to fix it. Here is a diff of what I use:
@@ -78,10 +78,10 @@
$max_age = gdsih_settings()->get('strict_transport_security_max_age', 'headers');
if (gdsih_settings()->get('strict_transport_security_extra', 'headers') == 'includeSubDomains') {
- $max_age.= '; includeSubDomains';
+ $max_age.= '; includeSubDomains; preload';
}
- return $htaccess ? 'Strict-Transport-Security "max-age='.$max_age.'"' : 'Strict-Transport-Security: "max-age='.$max_age.'"';
+ return $htaccess ? 'Strict-Transport-Security max-age='.$max_age.'' : 'Strict-Transport-Security: max-age='.$max_age.'';
}
private function _generate_referrer_policy($htaccess = false) {
@@ -93,6 +93,6 @@
$policy = 'no-referrer-when-downgrade';
}
- return $htaccess ? 'Referrer-Policy "'.$policy.'"' : 'Referrer-Policy: "'.$policy.'"';
+ return $htaccess ? 'Referrer-Policy '.$policy.'' : 'Referrer-Policy: '.$policy.'';
}
}
