fix(hsts): removing hsts configuration set on lusca's csrf settings b…

…ut is already configured and provided using helmet
meanjs · Apr 13, 2016 · c9169e4 · c9169e4
1 parent 8da3725
commit c9169e4
Showing 1 changed file with 0 additions and 5 deletions.
diff --git a/config/env/default.js b/config/env/default.js
@@ -34,11 +34,6 @@ module.exports = {
     csp: { /* Content Security Policy object */},
     xframe: 'SAMEORIGIN',
     p3p: 'ABCDEF',
-    hsts: {
-      maxAge: 31536000, // Forces HTTPS for one year
-      includeSubDomains: true,
-      preload: true
-    },
     xssProtection: true
   },
   logo: 'modules/core/client/img/brand/logo.png',