From 19d30b73b1795f37dd9ce9e516c63aa574079bf2 Mon Sep 17 00:00:00 2001
From: farhatahmad <ahmad.af.farhat@gmail.com>
Date: Thu, 1 Feb 2024 11:04:47 -0500
Subject: [PATCH] Final work for hsts

---
 .rubocop.yml                      | 1 +
 config/environments/production.rb | 5 ++++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/.rubocop.yml b/.rubocop.yml
index 0d83aabd6f..62be3f68e9 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -64,6 +64,7 @@ Metrics/BlockLength:
   AllowedMethods: [ 'describe', 'context', 'xdescribe', 'xcontext', 'FactoryBot.define' ]
   Exclude:
     - 'config/routes.rb'
+    - 'config/environments/production.rb'
   Max: 70
 
 Metrics/ClassLength:
diff --git a/config/environments/production.rb b/config/environments/production.rb
index 2bcd29e7d9..ac6eaad8c3 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -162,5 +162,8 @@
 
   # Enable HSTS in production mode
   config.force_ssl = true
-  config.ssl_options = { hsts: { preload: true, expires: 1.year, subdomains: true } }
+  config.ssl_options = {
+    redirect: { exclude: ->(request) { request.path.include?('health_check') } },
+    hsts: { expires: 1.year, subdomains: true }
+  }
 end