projects / rails.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3128aab)
Allow apache to control the HSTS setting
authorTom Hughes <tom@compton.nu>
Thu, 11 Jan 2018 19:19:36 +0000 (19:19 +0000)
committerTom Hughes <tom@compton.nu>
Thu, 11 Jan 2018 19:20:07 +0000 (19:20 +0000)
config/initializers/secure_headers.rb patch | blob | history

diff --git a/config/initializers/secure_headers.rb b/config/initializers/secure_headers.rb
index f30a4b86c3a6631e8e667f0ad1074df981662faf..12b31a0c094003ddeaa73b8d473b37827431abcf 100644 (file)
--- a/config/initializers/secure_headers.rb
+++ b/config/initializers/secure_headers.rb
@@ -27,7 +27,6 @@ cookie_policy = {
 }
 
 SecureHeaders::Configuration.default do |config|
-  config.hsts = "max-age=0"
   config.csp = SecureHeaders::OPT_OUT
   config.csp_report_only = csp_policy
   config.cookies = cookie_policy
The OpenStreetMap web site