diff options
| author | Simon Rettberg | 2017-03-29 13:21:02 +0200 |
|---|---|---|
| committer | Simon Rettberg | 2017-03-29 13:21:02 +0200 |
| commit | 0a4790ee46e7e1f19e760106e9f895a20ebd8ed2 (patch) | |
| tree | 87a9d7dfcfc60aeee67789c7548e640cc89b95c5 /index.php | |
| parent | [statistics] Fetch client log by UUID, not IP (diff) | |
| download | slx-admin-0a4790ee46e7e1f19e760106e9f895a20ebd8ed2.tar.gz slx-admin-0a4790ee46e7e1f19e760106e9f895a20ebd8ed2.tar.xz slx-admin-0a4790ee46e7e1f19e760106e9f895a20ebd8ed2.zip | |
Add param to disable HSTS, set headers to prevent caching
Diffstat (limited to 'index.php')
| -rw-r--r-- | index.php | 13 |
1 files changed, 13 insertions, 0 deletions
@@ -114,6 +114,19 @@ if (defined('CONFIG_DEBUG') && CONFIG_DEBUG) { }); } +// Set HSTS Header if client is using HTTPS +if(!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') { + if (Request::any('hsts') === 'off') { + Header('Strict-Transport-Security: max-age=0', true); + } else { + Header('Strict-Transport-Security: max-age=15768000', true); + } +} +Header('Expires: Wed, 29 Mar 2007 09:56:28 GMT'); +Header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0"); +Header("Cache-Control: post-check=0, pre-check=0", false); +Header("Pragma: no-cache"); + // Now determine which module to run Page::init(); |