Hi, recently I ask a question regarding a header problem about HSTS which is not enabled by Nginx, now I knew that the problem with HSTS is when SSL is enabled, HSTS is disabled or missing from the header, which is supposed not to happen because HSTS should be enabled on SSL.

Can someone tell me, whether this is a bug or it was intended to be like that?. So what is the use of HSTS header if it is disabled for SSL site?

Thanks