PPHA-682: Implement preload and subdomains for HSTS

Themitchell · Themitchell · commit 88d1eab1b845 · 2026-03-26T15:52:43.000Z
diff --git a/lung_cancer_screening/settings.py b/lung_cancer_screening/settings.py
@@ -289,6 +289,8 @@ def pem_key_env(key, file_path_key=None):
 # Additional security settings for production
 if not DEBUG:
     SECURE_HSTS_SECONDS = 31536000
+    SECURE_HSTS_INCLUDE_SUBDOMAINS = True
+    SECURE_HSTS_PRELOAD = True
     SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
     SECURE_SSL_REDIRECT = False
     SESSION_COOKIE_SECURE = True
