git_admin/fab-store
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Disable force_ssl by default (Traefik handles SSL)

Browse Source
This commit is contained in:
Ubuntu
2026-02-12 15:28:32 +00:00
parent 9131363cef
commit 3316dbc535
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
config/environments/production.rb
View File

@@ -24,11 +24,11 @@ Rails.application.configure do
# Store uploaded files on the local file system (see config/storage.yml for options). # Store uploaded files on the local file system (see config/storage.yml for options).
config.active_storage.service = :local config.active_storage.service = :local
# Assume all access to the app is happening through a SSL-terminating reverse proxy. # Assume all access to the app is happening through a SSL-terminating reverse proxy.
config.assume_ssl = true config.assume_ssl = true
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
config.force_ssl = true config.force_ssl = ENV.fetch("RAILS_FORCE_SSL", "false") == "true"
# Skip http-to-https redirect for the default health check endpoint. # Skip http-to-https redirect for the default health check endpoint.
# config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } } # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } }
@@ -94,6 +94,9 @@ Rails.application.configure do
# Only use :id for inspections in production. # Only use :id for inspections in production.
config.active_record.attributes_for_inspect = [ :id ] config.active_record.attributes_for_inspect = [ :id ]
config.action_controller.default_url_options = { host: "fabsparestore.com", protocol: "https" }
# Enable DNS rebinding protection and other `Host` header attacks. # Enable DNS rebinding protection and other `Host` header attacks.
# config.hosts = [ # config.hosts = [
# "example.com", # Allow requests from example.com # "example.com", # Allow requests from example.com