jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Delegate HSTS to nginx.

Browse Source 
Remove the ssl_options config option. Let nginx handle HSTS and
http->https redirects instead. At the rails level, all we need to do is
set the secure cookie flag when https is enabled (which we assume it's
enabled in production).
This commit is contained in:
evazion
2020-01-07 11:49:46 -06:00
parent a4419b1e3d
commit d00308c43d
3 changed files with 1 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
config/application.rb
View File

@@ -46,17 +46,6 @@ module Danbooru
config.log_tags = [->(req) {"PID:#{Process.pid}"}]
config.action_controller.action_on_unpermitted_parameters = :raise
config.force_ssl = true
if Rails.env.production? && Danbooru.config.ssl_options.present?
config.ssl_options = Danbooru.config.ssl_options
else
config.ssl_options = {
hsts: false,
secure_cookies: false,
redirect: { exclude: ->(request) { true } }
}
end
if File.exist?("#{config.root}/REVISION")
config.x.git_hash = File.read("#{config.root}/REVISION").strip