[Pkg-owncloud-commits] [owncloud] 04/67: Send a HSTS HTTP header to enforce SSL
David Prévot
taffit at alioth.debian.org
Fri Nov 8 23:10:29 UTC 2013
This is an automated email from the git hooks/post-receive script.
taffit pushed a commit to annotated tag v4.5.1
in repository owncloud.
commit c06d71e6627d8a34792b8e972193cf433cfab6f5
Author: Lukas Reschke <lukas at statuscode.ch>
Date: Wed Oct 10 18:56:14 2012 +0200
Send a HSTS HTTP header to enforce SSL
---
lib/base.php | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/base.php b/lib/base.php
index c898273..21b7165 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -193,6 +193,7 @@ class OC{
public static function checkSSL() {
// redirect to https site if configured
if( OC_Config::getValue( "forcessl", false )) {
+ header('Strict-Transport-Security: max-age=31536000');
ini_set("session.cookie_secure", "on");
if(OC_Request::serverProtocol()<>'https' and !OC::$CLI) {
$url = "https://". OC_Request::serverHost() . $_SERVER['REQUEST_URI'];
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git
More information about the Pkg-owncloud-commits
mailing list