我加入HSTS头时得到这个警告的萤火。
I am getting this warning in firebug when adding HSTS header.
The site specified an invalid Strict-Transport-Security header.
这是我的htaccess
here is my htaccess
<IfModule mod_headers.c>
Header append X-FRAME-OPTIONS: SAMEORIGIN
Header append Strict-Transport-Security: 'max-age=31536000; includeSubDomains'
</IfModule>
当我删除我得到内部服务器错误
的值引号。
网站通过HTTPS提供服务,从HTTP重定向到https从Apache的网站文件中设置。 SSL证书是自签名的,如果它很重要。
When I remove quotes from the value I get Internal Server Error
.
Website is being served through https, redirect from http to https is set from apache's site file. SSL certificate is self-signed, if it matters.
模头已启用。林在Debian 7,Apache 2.2的。
mod headers is enabled. Im on debian 7, apache 2.2.
感谢
由于在评论中提到,同样在我的情况,我建立了网站与信任的SSL证书问题就消失了主域名@jhutar。因此,萤火虫是表示只对错误的自签名(和/或不信任)的SSL证书。
As @jhutar mentioned in comments, similarly in my case as I set up the site on the main domain with trusted SSL certificate the problem disappeared. So, the firebug is showing that error only for self-signed(and/or not-trusted) SSL certificates.