nginx-proxy-manager/backend/templates/_hsts.conf

{% if certificate and certificate_id > 0 -%}
{% if ssl_forced == 1 or ssl_forced == true %}
{% if hsts_enabled == 1 or hsts_enabled == true %}
  more_clear_headers "Expect-CT";
  include conf.d/include/hsts.conf;
{% endif %}
{% endif %}
{% endif %}

{% unless certificate and certificate_id > 0 -%}
{% unless ssl_forced == 1 or ssl_forced == true %}
{% unless hsts_enabled == 1 or hsts_enabled == true %}
  more_clear_headers "Content-Security-Policy";
  
  more_clear_headers "Expect-CT";
  more_clear_headers "Strict-Transport-Security";
{% endunless  %}
{% endunless  %}
{% endunless  %}