Show More
@@ -66,7 +66,10 b' index_dir = %(here)s/data/index' | |||
|
66 | 66 | app_instance_uuid = rc-develop |
|
67 | 67 | cut_off_limit = 256000 |
|
68 | 68 | vcs_full_cache = True |
|
69 | # force https in RhodeCode, fixes https redirects, assumes it's always https | |
|
69 | 70 | force_https = false |
|
71 | # use Strict-Transport-Security headers | |
|
72 | use_htsts = false | |
|
70 | 73 | commit_parse_limit = 25 |
|
71 | 74 | # number of items displayed in lightweight dashboard before paginating |
|
72 | 75 | dashboard_items = 100 |
@@ -66,7 +66,10 b' index_dir = %(here)s/data/index' | |||
|
66 | 66 | app_instance_uuid = rc-production |
|
67 | 67 | cut_off_limit = 256000 |
|
68 | 68 | vcs_full_cache = True |
|
69 | # force https in RhodeCode, fixes https redirects, assumes it's always https | |
|
69 | 70 | force_https = false |
|
71 | # use Strict-Transport-Security headers | |
|
72 | use_htsts = false | |
|
70 | 73 | commit_parse_limit = 50 |
|
71 | 74 | # number of items displayed in lightweight dashboard before paginating |
|
72 | 75 | dashboard_items = 100 |
@@ -66,7 +66,10 b' index_dir = %(here)s/data/index' | |||
|
66 | 66 | app_instance_uuid = ${app_instance_uuid} |
|
67 | 67 | cut_off_limit = 256000 |
|
68 | 68 | vcs_full_cache = True |
|
69 | # force https in RhodeCode, fixes https redirects, assumes it's always https | |
|
69 | 70 | force_https = false |
|
71 | # use Strict-Transport-Security headers | |
|
72 | use_htsts = false | |
|
70 | 73 | commit_parse_limit = 50 |
|
71 | 74 | # number of items displayed in lightweight dashboard before paginating |
|
72 | 75 | dashboard_items = 100 |
@@ -35,12 +35,17 b' class HttpsFixup(object):' | |||
|
35 | 35 | |
|
36 | 36 | def __call__(self, environ, start_response): |
|
37 | 37 | self.__fixup(environ) |
|
38 | req = Request(environ) | |
|
38 | debug = str2bool(self.config.get('debug')) | |
|
39 | if str2bool(self.config.get('use_htsts')) and not debug: | |
|
40 | req = Request(environ, self.application) | |
|
39 | 41 | resp = req.get_response(self.application) |
|
40 | 42 | if environ['wsgi.url_scheme'] == 'https': |
|
41 |
resp.headers['Strict-Transport-Security'] = |
|
|
43 | resp.headers['Strict-Transport-Security'] = \ | |
|
44 | 'max-age=8640000; includeSubDomains' | |
|
42 | 45 | return resp(environ, start_response) |
|
43 | 46 | |
|
47 | return self.application(environ, start_response) | |
|
48 | ||
|
44 | 49 | def __fixup(self, environ): |
|
45 | 50 | """ |
|
46 | 51 | Function to fixup the environ as needed. In order to use this |
General Comments 0
You need to be logged in to leave comments.
Login now