From 734905d1f7b0dd3fd0417b91d28b2a3ec132b124 Mon Sep 17 00:00:00 2001
From: Omar Roth <omarroth@porotonmail.com>
Date: Tue, 30 Apr 2019 20:53:56 -0500
Subject: [PATCH] Bump max-age for HSTS

---
 src/invidious.cr | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/invidious.cr b/src/invidious.cr
index 0690c1d8..2e031c7d 100644
--- a/src/invidious.cr
+++ b/src/invidious.cr
@@ -188,7 +188,7 @@ before_all do |env|
   env.response.headers["Referrer-Policy"] = "same-origin"
 
   if Kemal.config.ssl || config.https_only
-    env.response.headers["Strict-Transport-Security"] = "max-age=604800; includeSubDomains"
+    env.response.headers["Strict-Transport-Security"] = "max-age=31536000; includeSubDomains; preload"
   end
 
   begin
@@ -5189,7 +5189,7 @@ if Kemal.config.ssl
         redirect_url += "?#{env.request.query}"
       end
 
-      env.response.headers["Strict-Transport-Security"] = "max-age=604800; includeSubDomains"
+      env.response.headers["Strict-Transport-Security"] = "max-age=31536000; includeSubDomains; preload"
       env.response.headers["Location"] = redirect_url
       env.response.status_code = 301
     end