Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
张重言
rails
提交
478077bf
R
rails
项目概览
张重言
/
rails
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
R
rails
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
478077bf
编写于
7月 06, 2016
作者:
प
प्रथमेश Sonpatki
提交者:
GitHub
7月 06, 2016
浏览文件
操作
浏览文件
下载
差异文件
Merge pull request #25720 from timrogers/actiondispatch-ssl-defaults-docs
Correct defaults in documentation for ActionDispatch::SSL
上级
6038a548
8a12c7c2
变更
1
隐藏空白更改
内联
并排
Showing
1 changed file
with
5 addition
and
4 deletion
+5
-4
actionpack/lib/action_dispatch/middleware/ssl.rb
actionpack/lib/action_dispatch/middleware/ssl.rb
+5
-4
未找到文件。
actionpack/lib/action_dispatch/middleware/ssl.rb
浏览文件 @
478077bf
...
...
@@ -18,17 +18,18 @@ module ActionDispatch
# Enabled by default. Configure `config.ssl_options` with `hsts: false` to disable.
#
# Set `config.ssl_options` with `hsts: { … }` to configure HSTS:
# * `expires`: How long, in seconds, these settings will stick.
Defaults to
#
`180.days` (recommended). The minimum required to qualify for browser
#
preload lists is `18.weeks`
.
# * `expires`: How long, in seconds, these settings will stick.
The minimum
#
required to qualify for browser preload lists is `18.weeks`. Defaults to
#
`180.days` (recommended)
.
# * `subdomains`: Set to `true` to tell the browser to apply these settings
# to all subdomains. This protects your cookies from interception by a
# vulnerable site on a subdomain. Defaults to `
tru
e`.
# vulnerable site on a subdomain. Defaults to `
fals
e`.
# * `preload`: Advertise that this site may be included in browsers'
# preloaded HSTS lists. HSTS protects your site on every visit *except the
# first visit* since it hasn't seen your HSTS header yet. To close this
# gap, browser vendors include a baked-in list of HSTS-enabled sites.
# Go to https://hstspreload.appspot.com to submit your site for inclusion.
# Defaults to `false`.
#
# To turn off HSTS, omitting the header is not enough. Browsers will remember the
# original HSTS directive until it expires. Instead, use the header to tell browsers to
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录