diff --git a/development.ini b/development.ini --- a/development.ini +++ b/development.ini @@ -111,11 +111,11 @@ app_instance_uuid = development-not-secr ## cut off limit for large diffs (size in bytes) cut_off_limit = 256000 -## force https in Kallithea, fixes https redirects, assumes it's always https -force_https = false +## always pretend the client connected using HTTPS (default false) +#force_https = true -## use Strict-Transport-Security headers -use_htsts = false +## use Strict-Transport-Security headers (default false) +#use_htsts = true ## number of commits stats will parse on each iteration commit_parse_limit = 25 diff --git a/docs/setup.rst b/docs/setup.rst --- a/docs/setup.rst +++ b/docs/setup.rst @@ -417,7 +417,7 @@ directly which scheme/protocol Kallithea - With ``https_fixup = true``, the scheme will be taken from the ``X-Url-Scheme``, ``X-Forwarded-Scheme`` or ``X-Forwarded-Proto`` HTTP header (default ``http``). -- With ``force_https = true`` the default will be ``https``. +- With ``force_https = true``, the scheme will be seen as ``https``. - With ``use_htsts = true``, Kallithea will set ``Strict-Transport-Security`` when using https. .. _nginx_virtual_host: diff --git a/kallithea/templates/ini/template.ini.mako b/kallithea/templates/ini/template.ini.mako --- a/kallithea/templates/ini/template.ini.mako +++ b/kallithea/templates/ini/template.ini.mako @@ -174,11 +174,11 @@ app_instance_uuid = ${uuid()} <%text>## cut off limit for large diffs (size in bytes) cut_off_limit = 256000 -<%text>## force https in Kallithea, fixes https redirects, assumes it's always https -force_https = false +<%text>## always pretend the client connected using HTTPS (default false) +#force_https = true -<%text>## use Strict-Transport-Security headers -use_htsts = false +<%text>## use Strict-Transport-Security headers (default false) +#use_htsts = true <%text>## number of commits stats will parse on each iteration commit_parse_limit = 25
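Review bot: In the development.ini hunk, the new comment above `#force_https = true` says what the option does but not when it is safe to enable. With it on, the scheme is asserted by configuration instead of being taken from the connection, so it only fits a deployment where a TLS-terminating proxy is the sole route to Kallithea. I would extend it to something like `## always pretend the client connected using HTTPS (default false); enable only behind a TLS-terminating proxy that is the only way to reach this instance`. The `use_htsts` comment could likewise warn that browsers remember the header, e.g. `## use Strict-Transport-Security headers (default false); browsers cache this, enable only once the host is served over HTTPS exclusively`. The same two comment lines appear in the kallithea/templates/ini/template.ini.mako hunk and would need the same wording there.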