Parameter:
DOMINO_HSTS_HEADERShort description: Fully overrides the HSTS header (
Strict-Transport-Security) – including max-age, includeSubDomains, and preload.Profile
Parameter | DOMINO_HSTS_HEADER |
Category | HTTP / Web |
Component | Server |
Available since | 12.0 |
Supported versions | 12.0, 14.0, 14.5, 14.5.1 |
GUI equivalent | Web Site / Internet Site document |
Possible values | complete header value, e.g. max-age=31536000; includeSubDomains; preload |
Description
When HSTS is active, Domino sends a standard header composed from the individual parameters (
HTTPHSTSMaxAge, HTTPHSTSIncludeSubDomains). For special cases – for example, inclusion in the browser HSTS preload list – precise control over the exact header value is needed. DOMINO_HSTS_HEADER replaces the automatically generated header with exactly the string specified here.Example configuration
DOMINO_HSTS_HEADER=max-age=31536000; includeSubDomains; preload
Notes & pitfalls
- Overrides all individual
HTTPHSTS*parameters – these are ignored as soon asDOMINO_HSTS_HEADERis set.
- Takes effect only after
restart task http.
- Only set
preloadif the domain is really to be submitted to https://hstspreload.org – this is practically impossible to undo.
- HSTS only applies to connections delivered over HTTPS – pure HTTP responses ignore the header.