Merge pull request #5815 from uktrade/feature/TET-881-force-https

Tell browsers to use https instead of http for 1 hour

Author: DeanElliott96

config/settings/common.py

@@ -747,3 +747,7 @@ def _add_hawk_credentials(id_env_name, key_env_name, scopes):
 
 S3_LOCAL_ENDPOINT_URL = env("S3_LOCAL_ENDPOINT_URL", default='')
 ENABLE_CONTACT_CONSENT_INGEST = env("ENABLE_CONTACT_CONSENT_INGEST", default=False)
+
+# Initially set to 1 hour, to increase once confirmed it's successful.
+SECURE_HSTS_SECONDS = 3600
+SECURE_HSTS_INCLUDE_SUBDOMAINS = True