Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/ruby-on-rails/64.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Ruby on rails 如何在rails中关闭HST的includeSubDomains?_Ruby On Rails_Ssl_Https_Hsts - Fatal编程技术网
Fatal编程技术网
  • ruby-on-rails/
  • Ruby on rails 如何在rails中关闭HST的includeSubDomains?

Ruby on rails 如何在rails中关闭HST的includeSubDomains?

ruby-on-rails ssl https

Ruby on rails 如何在rails中关闭HST的includeSubDomains?,ruby-on-rails,ssl,https,hsts,Ruby On Rails,Ssl,Https,Hsts,我不想要includeSubDomains选项 ➔ curl -s --head https://example.com/ |grep Strict Strict-Transport-Security: max-age=15552000; includeSubDomains 这似乎不起作用: config.force_ssl = true config.ssl_options = { hsts: { subdomains: false } } 我做错了什么 Rails 5.0.1我强烈建议

我不想要
includeSubDomains
选项

➔ curl -s --head https://example.com/ |grep Strict 
Strict-Transport-Security: max-age=15552000; includeSubDomains
这似乎不起作用:

config.force_ssl = true
config.ssl_options = { hsts: { subdomains: false } }
我做错了什么

Rails 5.0.1

我强烈建议使用,以便更好地控制这些头文件(以及其他类似的头文件)。

问题是Rails 5有一个初始值设定项new_framework_defaults.rb,它有以下行:

Rails.application.config.ssl_options = { hsts: { subdomains: true } }
因为它位于初始值设定项中,所以无论您在环境配置中放置什么,这些设置都不会产生效果。我在这里提出了一个问题: