From 6f5cca77313e127313ea44c5c213fda3b9027a95 Mon Sep 17 00:00:00 2001
From: Grant Bourque <grant@anedot.com>
Date: Tue, 16 Jan 2018 18:14:06 -0600
Subject: Update default HSTS max-age value to 1 year

- Update the default HSTS max-age value to 31536000 seconds (1 year)
  to meet the minimum max-age requirement for https://hstspreload.org/.
---
 actionpack/test/dispatch/ssl_test.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'actionpack/test')

diff --git a/actionpack/test/dispatch/ssl_test.rb b/actionpack/test/dispatch/ssl_test.rb
index 8ac9502af9..90f2ee46ea 100644
--- a/actionpack/test/dispatch/ssl_test.rb
+++ b/actionpack/test/dispatch/ssl_test.rb
@@ -98,8 +98,8 @@ class RedirectSSLTest < SSLTest
 end
 
 class StrictTransportSecurityTest < SSLTest
-  EXPECTED = "max-age=15552000"
-  EXPECTED_WITH_SUBDOMAINS = "max-age=15552000; includeSubDomains"
+  EXPECTED = "max-age=31536000"
+  EXPECTED_WITH_SUBDOMAINS = "max-age=31536000; includeSubDomains"
 
   def assert_hsts(expected, url: "https://example.org", hsts: { subdomains: true }, headers: {})
     self.app = build_app ssl_options: { hsts: hsts }, headers: headers
-- 
cgit v1.2.3