diff options
| author | Simon Rettberg | 2017-05-05 13:04:19 +0200 |
|---|---|---|
| committer | Simon Rettberg | 2017-05-05 13:04:19 +0200 |
| commit | f7900fa08276d2668221a1b4ce7462d68e6f2893 (patch) | |
| tree | 420646ef6fdb71ca1ce088e1bf4a0f6cf31198fe /index.php | |
| parent | [webinterface] Add separate option to enable HSTS (diff) | |
| download | slx-admin-f7900fa08276d2668221a1b4ce7462d68e6f2893.tar.gz slx-admin-f7900fa08276d2668221a1b4ce7462d68e6f2893.tar.xz slx-admin-f7900fa08276d2668221a1b4ce7462d68e6f2893.zip | |
[webinterface] Log user out when disabling HTTPS to prevent lockout
Diffstat (limited to 'index.php')
| -rw-r--r-- | index.php | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -116,7 +116,7 @@ if (defined('CONFIG_DEBUG') && CONFIG_DEBUG) { // Set HSTS Header if client is using HTTPS if(!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') { - if (Request::any('hsts') === 'off' || Property::get('webinterface.https-hsts', 'False') !== 'True') { + if (Property::get('webinterface.https-hsts', 'False') !== 'True') { Header('Strict-Transport-Security: max-age=0', true); } else { Header('Strict-Transport-Security: max-age=15768000', true); |