Fix #3522: Enable HSTS.

2018-01-28 19:57:45 -06:00
parent 2fd91bfa20
commit 09462aefeb
2 changed files with 31 additions and 0 deletions
--- a/config/application.rb
+++ b/config/application.rb
@@ -26,6 +26,17 @@ module Danbooru
    config.action_mailer.perform_deliveries = true
    config.log_tags = [lambda {|req| "PID:#{Process.pid}"}]
    config.action_controller.action_on_unpermitted_parameters = :raise
+    config.force_ssl = true
+
+    if Rails.env.production? && Danbooru.config.ssl_options.present?
+      config.ssl_options = Danbooru.config.ssl_options
+    else
+      config.ssl_options = {
+        hsts: false,
+        secure_cookies: false,
+        redirect: { exclude: ->(request) { true } }
+      }
+    end

    if File.exists?("#{config.root}/REVISION")
      config.x.git_hash = File.read("#{config.root}/REVISION").strip