From fbb2accefb575fc7abc375e7b761002a4c45354e Mon Sep 17 00:00:00 2001
From: Jacques ROUSSEL <jacques.roussel@rouaje.com>
Date: Mon, 30 Sep 2024 09:26:59 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A7(backend)=20fix=20configuration=20t?=
 =?UTF-8?q?o=20avoid=20different=20ssl=20warning?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fix following warning messages :
- You have not set a value for the SECURE_HSTS_SECONDS setting.
- Your SECURE_SSL_REDIRECT setting is not set to True.
---
 CHANGELOG.md                   | 1 +
 src/backend/people/settings.py | 8 ++++++++
 2 files changed, 9 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d866f221e..05cad3d31 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -24,6 +24,7 @@ and this project adheres to
 ### Fixed
 
 - ♿️(frontend) fix left nav panel #396
+- 🔧(backend) fix configuration to avoid different ssl warning #432 
 
 ### Changed
 
diff --git a/src/backend/people/settings.py b/src/backend/people/settings.py
index 29751242f..d1041e52b 100755
--- a/src/backend/people/settings.py
+++ b/src/backend/people/settings.py
@@ -619,6 +619,14 @@ class Production(Base):
     #
     # In other cases, you should comment the following line to avoid security issues.
     SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
+    SECURE_HSTS_SECONDS = 60
+    SECURE_HSTS_PRELOAD = True
+    SECURE_HSTS_INCLUDE_SUBDOMAINS = True
+    SECURE_SSL_REDIRECT = True
+    SECURE_REDIRECT_EXEMPT = [
+        "^__lbheartbeat__",
+        "^__heartbeat__",
+    ]
 
     # Modern browsers require to have the `secure` attribute on cookies with `Samesite=none`
     CSRF_COOKIE_SECURE = True