From d523799820e17ad117fb000cb8d000068ccf106f Mon Sep 17 00:00:00 2001
From: doubaniux <goodsir@vivaldi.net>
Date: Mon, 11 May 2020 19:19:48 +0800
Subject: [PATCH] enable HSTS | close #28

---
 boofilsic/settings.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/boofilsic/settings.py b/boofilsic/settings.py
index 685819e6..cd0c4f15 100644
--- a/boofilsic/settings.py
+++ b/boofilsic/settings.py
@@ -134,6 +134,9 @@ if not DEBUG:
     SESSION_COOKIE_SECURE = True
     CSRF_COOKIE_SECURE = True
     SECURE_SSL_REDIRECT = True
+    SECURE_HSTS_PRELOAD = True
+    SECURE_HSTS_INCLUDE_SUBDOMAINS = True
+    SECURE_HSTS_SECONDS = 31536000
     LOGGING = {
     'version': 1,
     'disable_existing_loggers': False,