diff options
| author | Simon Rettberg | 2017-03-29 13:22:08 +0200 |
|---|---|---|
| committer | Simon Rettberg | 2017-03-29 13:22:08 +0200 |
| commit | 134a933f87b82d49b741b987d67de0eb44c903c6 (patch) | |
| tree | 93f75401362a5fb5a04872e9c7de7437411160cb /modules-available/webinterface/page.inc.php | |
| parent | Add param to disable HSTS, set headers to prevent caching (diff) | |
| download | slx-admin-134a933f87b82d49b741b987d67de0eb44c903c6.tar.gz slx-admin-134a933f87b82d49b741b987d67de0eb44c903c6.tar.xz slx-admin-134a933f87b82d49b741b987d67de0eb44c903c6.zip | |
[webinterface] Try to redirect back to HTTP when HTTPS gets disabled
Diffstat (limited to 'modules-available/webinterface/page.inc.php')
| -rw-r--r-- | modules-available/webinterface/page.inc.php | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/modules-available/webinterface/page.inc.php b/modules-available/webinterface/page.inc.php index 35e14dc5..93d659f0 100644 --- a/modules-available/webinterface/page.inc.php +++ b/modules-available/webinterface/page.inc.php @@ -26,9 +26,11 @@ class Page_WebInterface extends Page private function actionConfigureHttps() { $task = false; + $off = ''; switch (Request::post('mode')) { case 'off': $task = $this->setHttpsOff(); + $off = '&hsts=off'; break; case 'random': $task = $this->setHttpsRandomCert(); @@ -42,7 +44,7 @@ class Page_WebInterface extends Page } if (isset($task['id'])) { Session::set('https-id', $task['id']); - Util::redirect('?do=WebInterface&show=httpsupdate'); + Util::redirect('?do=WebInterface&show=httpsupdate' . $off); } Util::redirect('?do=WebInterface'); } @@ -117,6 +119,7 @@ class Page_WebInterface extends Page private function setHttpsOff() { Property::set(self::PROP_TYPE, 'off'); + Header('Strict-Transport-Security: max-age=0', true); return Taskmanager::submit('LighttpdHttps', array()); } |