Add env vars for extra HSTS options

author: Literallie 2017-10-13 01:15:35 +0200
committer: Literallie 2017-10-13 01:42:05 +0200
commit: 6bdc90d6ffd60cf8fe0509eb9fb3b2d47f185c31 (patch)
tree: 2a41eac7e4910feded2c1b72aed5b59cb3b93440 /README.md
parent: 1634d5c567180b072ed4e345b841642f4ea70924 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/README.md b/README.md
index dd418d69..8dc82bb4 100644
--- a/README.md
+++ b/README.md
@@ -155,6 +155,9 @@ Environment variables (will overwrite other server configs)
 | HMD_S3_REGION | `ap-northeast-1` | AWS S3 region |
 | HMD_S3_BUCKET | no example | AWS S3 bucket name |
 | HMD_HSTS_ENABLE | ` true`  | set to enable [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) if HTTPS is also enabled (default is ` true`) |
+| HMD_HSTS_INCLUDE_SUBDOMAINS | `true` | set to include subdomains in HSTS (default is `true`) |
+| HMD_HSTS_MAX_AGE | `31536000` | max duration in seconds to tell clients to keep HSTS status (default is a year) |
+| HMD_HSTS_PRELOAD | `true` | whether to allow preloading of the site's HSTS status (e.g. into browsers) |
 
 Application settings `config.json`
 ---
author	Literallie	2017-10-13 01:15:35 +0200
committer	Literallie	2017-10-13 01:42:05 +0200
commit	6bdc90d6ffd60cf8fe0509eb9fb3b2d47f185c31 (patch)
tree	2a41eac7e4910feded2c1b72aed5b59cb3b93440 /README.md
parent	1634d5c567180b072ed4e345b841642f4ea70924 (diff)