[SAST] Missing HSTS Header in file AuthSecurityConfig.java
Description
The web-application does not define an HSTS header, leaving it vulnerable to attack.
crs-catalog-service/provider/crs-catalog-aws/src/main/java/org/opengroup/osdu/crs/security/AuthSecurityConfig.java
line number: 114
Setting an HSTS Header in an HTTP Response response.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains");