cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update HSTS to publish a max-age=0 to disable it

Browse source
This commit is contained in:
Tom Hughes 2017-03-03 11:34:39 +00:00
parent d3b9987bb8
commit e35748567c
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
config/initializers/secure_headers.rb
View file

@ -21,6 +21,7 @@ else
end
SecureHeaders::Configuration.default do |config|
config.hsts = "max-age=0"
config.csp = SecureHeaders::OPT_OUT
config.csp_report_only = policy
end