My middleware JS looks like this: request.SetHeaders["Strict-Transport-Security"] = "max-age=31530000; includeSubDomains";
but instead of showing up in the response headers, it shows up in a JSON response like this: < X-Ratelimit-Reset: 1502754800 < { "args": {}, "headers": { "Accept": "*/*", "Accept-Encoding": "gzip", "Authorization": "foo", "Connection": "close", "Host": "httpbin.org", "Strict-Transport-Security": "max-age=31530000; includeSubDomains", "User-Agent": "curl/7.47.0" },
Does anyone have a sample somewhere on how this (or something similar) would be achieved? I am trying to set this up per app, not per endpoint - but if that is the only way to resolve this it would be good to know.
Yes, Martin - I was testing against httpbin.org. I am testing against my own API’s now and will reply back once I have it figured out. Thanks for the insight!