projects
/
rails.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
3128aab
)
Allow apache to control the HSTS setting
author
Tom Hughes
<tom@compton.nu>
Thu, 11 Jan 2018 19:19:36 +0000
(19:19 +0000)
committer
Tom Hughes
<tom@compton.nu>
Thu, 11 Jan 2018 19:20:07 +0000
(19:20 +0000)
config/initializers/secure_headers.rb
patch
|
blob
|
history
diff --git
a/config/initializers/secure_headers.rb
b/config/initializers/secure_headers.rb
index f30a4b86c3a6631e8e667f0ad1074df981662faf..12b31a0c094003ddeaa73b8d473b37827431abcf 100644
(file)
--- a/
config/initializers/secure_headers.rb
+++ b/
config/initializers/secure_headers.rb
@@
-27,7
+27,6
@@
cookie_policy = {
}
SecureHeaders::Configuration.default do |config|
- config.hsts = "max-age=0"
config.csp = SecureHeaders::OPT_OUT
config.csp_report_only = csp_policy
config.cookies = cookie_policy