open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Send a HSTS HTTP header to enforce SSL

Browse Source
remotes/origin/stable5
Lukas Reschke 13 years ago
parent 2f4b1b0e4c
commit cda2135966
1 changed files with 1 additions and 0 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 1
      lib/base.php

1
lib/base.php
Unescape View File

@ -193,6 +193,7 @@ class OC{
public static function checkSSL() { public static function checkSSL() {
// redirect to https site if configured // redirect to https site if configured
if( OC_Config::getValue( "forcessl", false )) { if( OC_Config::getValue( "forcessl", false )) {
header('Strict-Transport-Security: max-age=31536000');
ini_set("session.cookie_secure", "on"); ini_set("session.cookie_secure", "on");
if(OC_Request::serverProtocol()<>'https' and !OC::$CLI) { if(OC_Request::serverProtocol()<>'https' and !OC::$CLI) {
$url = "https://". OC_Request::serverHost() . $_SERVER['REQUEST_URI']; $url = "https://". OC_Request::serverHost() . $_SERVER['REQUEST_URI'];

Write Preview
Loading…
Cancel
Save