From 633e58f8fce1f3272e5995102968aa3403e6c67a Mon Sep 17 00:00:00 2001
From: Alexander Todorov
Date: Wed, 21 Feb 2024 23:18:37 +0200
Subject: [PATCH] WIP: Add configuration for Strict-Transport-Security header

---
 tcms_settings_dir/enterprise.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/tcms_settings_dir/enterprise.py b/tcms_settings_dir/enterprise.py
index 14be629..2ed3e61 100644
--- a/tcms_settings_dir/enterprise.py
+++ b/tcms_settings_dir/enterprise.py
@@ -69,3 +69,10 @@
 
 # make sure users from LDAP are assigned default settings
 LDAP_AUTH_SYNC_USER_RELATIONS = 'tcms_enterprise.ldap.sync_user_relations'
+
+# WARNING: these require a correct, non-self-signed SSL certificate
+# Strict-Transport-Security header settings
+# https://docs.djangoproject.com/en/4.2/ref/settings/#secure-hsts-include-subdomains
+# https://docs.djangoproject.com/en/4.2/ref/settings/#secure-hsts-seconds
+SECURE_HSTS_SECONDS = 60 * 24 * 365
+SECURE_HSTS_INCLUDE_SUBDOMAINS = True
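Review bot: `SECURE_HSTS_SECONDS = 60 * 24 * 365` evaluates to 525,600 seconds, which is about six days; the `* 365` factor suggests one year was intended, and that would be `SECURE_HSTS_SECONDS = 60 * 60 * 24 * 365  # 31,536,000 s = 1 year`. If the short value is a deliberate trial period while this is WIP, a comment saying so would stop the next reader from "fixing" it. The WARNING comment could also state that `SECURE_HSTS_INCLUDE_SUBDOMAINS = True` applies the policy to every subdomain of the deployment host. It should add that browsers cache the policy for the full max-age, so any subdomain without valid HTTPS becomes unreachable for those users until it expires. The header is only emitted by Django's `SecurityMiddleware` on HTTPS responses, and whether that middleware is enabled is not visible in this hunk.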