references/openproject
1
0
Fork 0
mirror of https://github.com/opf/openproject.git synced 2026-06-14 03:30:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
4d097daceb7ca325e8ffd97f675bc488cf44ef64
openproject/app/models/setting
T
History
Oliver Günther 4d097daceb Replace separate https and force_ssl flags with https + hsts 
By default, https will be enabled in production in OpenProject 12.2. Right now, a separate flag exists called

rails_force_ssl that needs to be controlled separately, but the two settings are intermingled.

This PR fixes this so that:

HTTPS setting controls the secure cookies and generating links with
https throughout the application

HSTS setting is only active by default when HTTPS is enabled and
controls the HSTS headers as well as the HTTP->HTTPS request upgrade for
transport-security.
2022-08-15 19:48:51 +02:00
..
aliases.rb
Replace separate https and force_ssl flags with https + hsts
2022-08-15 19:48:51 +02:00
callbacks_helper.rb
lint with rubocop --autocorrect (safe cops only)
2022-06-02 10:40:10 +02:00
mail_settings.rb
Remove Setting.protocol in favor of static config
2022-05-18 16:21:55 +02:00
self_registration.rb
remove ruby magic comment for utf-8
2022-03-10 19:36:58 +01:00