Skip to content

Commit

Permalink
Make force_ssl true by default
Browse files Browse the repository at this point in the history
Better to stay on the safe side.
  • Loading branch information
sauloperez committed Nov 4, 2020
1 parent 6d798ed commit 761dbbf
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion config/environments/production.rb
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@
# config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]

# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
config.force_ssl = ENV.fetch("FORCE_SSL", false)
config.force_ssl = ENV.fetch("FORCE_SSL", true)

# Use the lowest log level to ensure availability of diagnostic information
# when problems arise.
Expand Down
2 changes: 1 addition & 1 deletion config/initializers/decidim.rb
Original file line number Diff line number Diff line change
Expand Up @@ -126,7 +126,7 @@
config.base_uploads_path = ENV["HEROKU_APP_NAME"] + "/"
end

config.force_ssl = ENV.fetch("FORCE_SSL", false)
config.force_ssl = ENV.fetch("FORCE_SSL", true)
end

Rails.application.config.i18n.available_locales = Decidim.available_locales
Expand Down

0 comments on commit 761dbbf

Please sign in to comment.