Security++

This commit is contained in:
Rien Maertens 2018-08-08 14:22:00 +02:00
parent 6a9651efbd
commit 43580c3545
No known key found for this signature in database
GPG key ID: 943CAB70C511D23C
2 changed files with 4 additions and 1 deletions

View file

@ -47,7 +47,7 @@ Rails.application.configure do
# config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ] # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
# config.force_ssl = true config.force_ssl = true
# Use the lowest log level to ensure availability of diagnostic information # Use the lowest log level to ensure availability of diagnostic information
# when problems arise. # when problems arise.

View file

@ -0,0 +1,3 @@
if Rails.env.production?
Rails.application.config.middleware.delete(Rack::Runtime)
end