midgard/tab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Security++

Browse source
This commit is contained in:
Rien Maertens 2018-08-08 14:22:00 +02:00
parent 6a9651efbd
commit 43580c3545
No known key found for this signature in database
GPG key ID: 943CAB70C511D23C
2 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
config/environments/production.rb
View file

@ -47,7 +47,7 @@ Rails.application.configure do
# config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ] # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
# config.force_ssl = true config.force_ssl = true
# Use the lowest log level to ensure availability of diagnostic information # Use the lowest log level to ensure availability of diagnostic information
# when problems arise. # when problems arise.

3
config/initializers/remove_runtime_header.rb Normal file
View file

@ -0,0 +1,3 @@
if Rails.env.production?
Rails.application.config.middleware.delete(Rack::Runtime)
end