-rw-r--r--README.md1
-rw-r--r--app.json5
-rw-r--r--lib/config/environment.js3
3 files changed, 8 insertions, 1 deletions
diff --git a/README.md b/README.md
index 0fecc43b..dd418d69 100644
--- a/README.md
+++ b/README.md
@@ -154,6 +154,7 @@ Environment variables (will overwrite other server configs)
| HMD_S3_SECRET_ACCESS_KEY | no example | AWS secret key |
| HMD_S3_REGION | `ap-northeast-1` | AWS S3 region |
| HMD_S3_BUCKET | no example | AWS S3 bucket name |
+| HMD_HSTS_ENABLE | ` true` | set to enable [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) if HTTPS is also enabled (default is ` true`) |
Application settings `config.json`
---
diff --git a/app.json b/app.json
index e06720f4..07678ce3 100644
--- a/app.json
+++ b/app.json
@@ -23,7 +23,10 @@
"description": "Specify database type. See sequelize available databases. Default using postgres",
"value": "postgres"
},
-
+ "HMD_HSTS_ENABLE": {
+ "description": "whether to also use HSTS if HTTPS is enabled",
+ "required": false
+ },
"HMD_DOMAIN": {
"description": "domain name",
"required": false
diff --git a/lib/config/environment.js b/lib/config/environment.js
index c108a6f9..27b697a0 100644
--- a/lib/config/environment.js
+++ b/lib/config/environment.js
@@ -8,6 +8,9 @@ module.exports = {
port: process.env.HMD_PORT,
urladdport: toBooleanConfig(process.env.HMD_URL_ADDPORT),
usessl: toBooleanConfig(process.env.HMD_USESSL),
+ hsts: {
+ enable: toBooleanConfig(process.env.HMD_HSTS_ENABLE),
+ },
protocolusessl: toBooleanConfig(process.env.HMD_PROTOCOL_USESSL),
alloworigin: process.env.HMD_ALLOW_ORIGIN ? process.env.HMD_ALLOW_ORIGIN.split(',') : undefined,
usecdn: toBooleanConfig(process.env.HMD_USECDN),
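Review bot: The new `hsts.enable` entry gives no indication of what it evaluates to when `HMD_HSTS_ENABLE` is unset or is not a recognised boolean string, and that value decides whether a security header is sent. `toBooleanConfig` is defined outside this hunk, so this is inferred: if it yields `false` rather than `undefined` for an unset variable, or if the config layers are merged shallowly, this nested object could override the documented default of `true` and switch HSTS off without any warning. The README row added in this same commit shows the example value with a leading space (` true`), which would probably not match a strict string comparison if copied as written. I would add a comment above `hsts: {` such as `// unset => default applies (HSTS on); only the exact strings 'true'/'false' are honoured — TODO confirm`, and check that the defaults are merged deeply. The enclosing `module.exports` object starts and ends outside the hunk.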