Hey there
This one should be applied automatically if the following conditions are met:
- Nextcloud is accessible via HTTPS
- Nextcloud is not installed in a subfolder (e.g. cloud.foo.com not cloud.foo.com/nextcloud/)
Note that this is only a “hardening” but not a security vulnerability per se. So if you don’t manage to have it: It won’t make your data insecure, but having it is an easy small security gain 
Can you check if those conditions are met for you? If yes and the setting isn’t applied this could be a bug or a misconfiguration in your setup. Send me a PM with your domain then please and I can check that
Cheers
Lukas