blog: set Strict-Transport-Security header Change-Id: I06942c139689d3bc50da5fc367963fe01801518c Reviewed-on: https://go-review.googlesource.com/22675 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>

commit: dad79a3b1fc154bb7ed68afc0674904580058809 [log] [tgz]
author: Andrew Gerrand <adg@golang.org> Sun May 01 16:07:16 2016 +1000
committer: Andrew Gerrand <adg@golang.org> Mon May 02 17:26:52 2016 +0000
tree: df9f5ced787c246f9cb3ff6362097fd1eceef20e
parent: 83a9ff974630c039c67952b9bbd4d26f83389ee4 [diff]
diff --git a/blog/appengine.go b/blog/appengine.go
index 12bcdf2..288247e 100644
--- a/blog/appengine.go
+++ b/blog/appengine.go

@@ -21,5 +21,8 @@
 	if err != nil {
 		panic(err)
 	}
-	http.Handle("/", s)
+	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Strict-Transport-Security", "max-age=31536000; preload")
+		s.ServeHTTP(w, r)
+	})
 }
commit	dad79a3b1fc154bb7ed68afc0674904580058809	[log] [tgz]
author	Andrew Gerrand <adg@golang.org>	Sun May 01 16:07:16 2016 +1000
committer	Andrew Gerrand <adg@golang.org>	Mon May 02 17:26:52 2016 +0000
tree	df9f5ced787c246f9cb3ff6362097fd1eceef20e
parent	83a9ff974630c039c67952b9bbd4d26f83389ee4 [diff]