In that case, the answer would appear to be that Nextcloud’s test is overly-sensitive and gives false positives. Which isn’t a surprise, that’s true of a lot of their code. If yoou know the HSTS headers are there, you can safely ignore this warning.
In that case, the answer would appear to be that Nextcloud’s test is overly-sensitive and gives false positives. Which isn’t a surprise, that’s true of a lot of their code. If yoou know the HSTS headers are there, you can safely ignore this warning.