From dad79a3b1fc154bb7ed68afc0674904580058809 Mon Sep 17 00:00:00 2001
From: Andrew Gerrand <adg@golang.org>
Date: Sun, 1 May 2016 16:07:16 +1000
Subject: blog: set Strict-Transport-Security header

Change-Id: I06942c139689d3bc50da5fc367963fe01801518c
Reviewed-on: https://go-review.googlesource.com/22675
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
---
 blog/appengine.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/blog/appengine.go b/blog/appengine.go
index 12bcdf2..288247e 100644
--- a/blog/appengine.go
+++ b/blog/appengine.go
@@ -21,5 +21,8 @@ func init() {
 	if err != nil {
 		panic(err)
 	}
-	http.Handle("/", s)
+	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Strict-Transport-Security", "max-age=31536000; preload")
+		s.ServeHTTP(w, r)
+	})
 }
-- 
cgit v1.2.3