I have a similar problem, but it’s on the sido of the nextcloud code i think, because the message that appears in the administration sections says "The “Strict-Transport-Security” HTTP header is not configured to at least “{seconds}” seconds. For enhanced security we recommend enabling HSTS as described in our security tips.
Notice the word in bold. It should be a number. Anyway, did all security scans and the header is set correctly.
I think it could be a bug.
Different problem -> different topic.
Which version are you using? Which webserver?
I thought it was the same problem.
Nextcloud 11.0.3 with apache 2.2.22 on debian with ispconfig
This week, 11.0.4 was released, if you still have this problem, please report this to:
Updated to 12.0.1 and the same happens. I wonder if it happens to anyone else.
Hard to say, once you set the header correctly you won’t see this message again.
Obviously, the header was already set.
I found the problem.
It was in the es.js file translation to spanish. Someone translated the variable name to spanish (segundos) but it should stay in english (seconds).
I made a pull request.