StrictTransportSecurity object

Use StrictTransportSecurity to configure the Strict-Transport-Security header.

You can customize these directives for a Strict-Transport-Security header. Set values for them in a StrictTransportSecurity object.

• max-age (number)
• includeSubDomains (boolean)
• preload
  • Add this directive to request your site to join Google Chrome's HTTP Strict Transport Security (HSTS) preload list. To be eligible, your app has to adhere to all of the submission requirements listed on the HSTS site.

For information about each directive, see MDN Web Docs: Strict-Transport-Security Directives

See Also

• Guide: @lwrjs/security