如何在app engine flex上将HSTS头添加到我的nginx/react应用程序?

好吧,现在我觉得自己很愚蠢。

我所要做的就是在正确的位置添加以下行:

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";

我最初是想把它加在 if ( $http_x_forwarded... 我也试着用 always

不管怎样,它是有效的!

worker_processes 1;

events {
  worker_connections 1024;
}

http {
  sendfile on;
  tcp_nopush on;
  tcp_nodelay on;
  keepalive_timeout 65;
  types_hash_max_size 2048;
  include /etc/nginx/mime.types;
  default_type application/octet-stream;

  # Logs will appear on the Google Developer's Console 
  # when logged to this directory.
  access_log /var/log/app_engine/app.log;
  error_log /var/log/app_engine/app.log;

  gzip on;
  gzip_disable "msie6";

  server {
    listen 8080;

    server_name localhost;
    root /src/build;

    if ( $http_x_forwarded_proto = 'http' ) {
      return 301 https://$host$request_uri;
    }

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";        

    location /nginx_status {
      stub_status on;
      access_log off;
    }

    location / {
      try_files $uri $uri/ /index.html;
    }
  }
}