git_admin/fab-store
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Disable force_ssl by default (Traefik handles SSL)

Browse Source
This commit is contained in:
Ubuntu
2026-02-12 15:28:32 +00:00
parent 9131363cef
commit 3316dbc535
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
config/environments/production.rb
View File

@@ -28,7 +28,7 @@ Rails.application.configure do
config.assume_ssl = true
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
config.force_ssl = true
config.force_ssl = ENV.fetch("RAILS_FORCE_SSL", "false") == "true"
# Skip http-to-https redirect for the default health check endpoint.
# config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } }
@@ -94,6 +94,9 @@ Rails.application.configure do
# Only use :id for inspections in production.
config.active_record.attributes_for_inspect = [ :id ]
config.action_controller.default_url_options = { host: "fabsparestore.com", protocol: "https" }
# Enable DNS rebinding protection and other `Host` header attacks.
# config.hosts = [
# "example.com", # Allow requests from example.com