diff options
author | redmatrix <git@macgirvin.com> | 2016-01-07 14:06:51 -0800 |
---|---|---|
committer | redmatrix <git@macgirvin.com> | 2016-01-07 14:06:51 -0800 |
commit | 3c8818417798aaa5791f8581059883ad6431a0eb (patch) | |
tree | e45f721b06db790debd21b2a7c072270ea73af7e /boot.php | |
parent | f4968e9f45c7122d30b2ecd52575d31141770ac8 (diff) | |
download | volse-hubzilla-3c8818417798aaa5791f8581059883ad6431a0eb.tar.gz volse-hubzilla-3c8818417798aaa5791f8581059883ad6431a0eb.tar.bz2 volse-hubzilla-3c8818417798aaa5791f8581059883ad6431a0eb.zip |
optional support for public key pinning
Diffstat (limited to 'boot.php')
-rwxr-xr-x | boot.php | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -2126,6 +2126,9 @@ function construct_page(&$a) { $profile = $a->profile; header("Content-type: text/html; charset=utf-8"); + + // security headers - see https://securityheaders.io + if($a->get_scheme() === 'https') header("Strict-Transport-Security: max-age=31536000"); @@ -2137,6 +2140,10 @@ function construct_page(&$a) { header("X-Content-Type-Options: nosniff"); } + if($a->config['system']['public_key_pins']) { + header("Public-Key-Pins: " . $a->config['system']['public_key_pins']); + } + require_once(theme_include( ((x($a->page, 'template')) ? $a->page['template'] : 'default' ) . '.php' ) ); |