htwkmooc/codeocean
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enable HSTS preload in app

Browse Source
This commit is contained in:
Sebastian Serth
2022-09-03 00:09:50 +02:00
parent b0130b8fae
commit 51e9daf930
2 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
config/environments/production.rb
View File

@ -50,6 +50,7 @@ Rails.application.configure do
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
config.force_ssl = true config.force_ssl = true
config.ssl_options = {hsts: {preload: true}}
# Include generic and useful information about system operation, but avoid logging too much # Include generic and useful information about system operation, but avoid logging too much
# information to avoid inadvertent exposure of personally identifiable information (PII). # information to avoid inadvertent exposure of personally identifiable information (PII).

1
config/environments/staging.rb
View File

@ -65,6 +65,7 @@ Rails.application.configure do
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
config.force_ssl = true config.force_ssl = true
config.ssl_options = {hsts: {preload: true}}
# Include generic and useful information about system operation, but avoid logging too much # Include generic and useful information about system operation, but avoid logging too much
# information to avoid inadvertent exposure of personally identifiable information (PII). # information to avoid inadvertent exposure of personally identifiable information (PII).