[webinterface] Add separate option to enable HSTS

author: Simon Rettberg 2017-05-04 16:50:35 +0200
committer: Simon Rettberg 2017-05-04 16:50:35 +0200
commit: 71baea4fa255912113ad3067b74de72d2f09ce7f (patch)
tree: 8cf6300b48b56cfc1c0274e1bd7d94c30325882a /index.php
parent: [systemstatus] Put logs in tabbed view (diff)
download: slx-admin-71baea4fa255912113ad3067b74de72d2f09ce7f.tar.gz
slx-admin-71baea4fa255912113ad3067b74de72d2f09ce7f.tar.xz
slx-admin-71baea4fa255912113ad3067b74de72d2f09ce7f.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/index.php b/index.php
index 6f547418..7cbb3b40 100644
--- a/index.php
+++ b/index.php
@@ -116,7 +116,7 @@ if (defined('CONFIG_DEBUG') && CONFIG_DEBUG) {
 
 // Set HSTS Header if client is using HTTPS
 if(!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') {
-	if (Request::any('hsts') === 'off') {
+	if (Request::any('hsts') === 'off' || Property::get('webinterface.https-hsts', 'False') !== 'True') {
 		Header('Strict-Transport-Security: max-age=0', true);
 	} else {
 		Header('Strict-Transport-Security: max-age=15768000', true);
author	Simon Rettberg	2017-05-04 16:50:35 +0200
committer	Simon Rettberg	2017-05-04 16:50:35 +0200
commit	71baea4fa255912113ad3067b74de72d2f09ce7f (patch)
tree	8cf6300b48b56cfc1c0274e1bd7d94c30325882a /index.php
parent	[systemstatus] Put logs in tabbed view (diff)
download	slx-admin-71baea4fa255912113ad3067b74de72d2f09ce7f.tar.gz slx-admin-71baea4fa255912113ad3067b74de72d2f09ce7f.tar.xz slx-admin-71baea4fa255912113ad3067b74de72d2f09ce7f.zip