aboutsummaryrefslogtreecommitdiffstats
path: root/install/htconfig.sample.php
diff options
context:
space:
mode:
authorredmatrix <git@macgirvin.com>2016-02-08 14:48:11 -0800
committerredmatrix <git@macgirvin.com>2016-02-08 14:48:11 -0800
commita14b87baf25e8a4747318efa7a7b52ad04966af7 (patch)
treefd34586e4d1a913a7807b436020d633e061557d4 /install/htconfig.sample.php
parent90fd23e0cd1fe3b6d3471411f650b9b276473c68 (diff)
downloadvolse-hubzilla-a14b87baf25e8a4747318efa7a7b52ad04966af7.tar.gz
volse-hubzilla-a14b87baf25e8a4747318efa7a7b52ad04966af7.tar.bz2
volse-hubzilla-a14b87baf25e8a4747318efa7a7b52ad04966af7.zip
make yet another recommended security header optional - this time because of piwik. Personally I think if you want to track people you really don't understand this project and its history, but whatever....
Diffstat (limited to 'install/htconfig.sample.php')
-rwxr-xr-xinstall/htconfig.sample.php9
1 files changed, 9 insertions, 0 deletions
diff --git a/install/htconfig.sample.php b/install/htconfig.sample.php
index 50ce9658b..f64e2571b 100755
--- a/install/htconfig.sample.php
+++ b/install/htconfig.sample.php
@@ -46,6 +46,15 @@ $a->config['system']['sitename'] = "Hubzilla";
$a->config['system']['location_hash'] = 'if the auto install failed, put a unique random string here';
+// These lines set additional security headers to be sent with all responses
+// You may wish to set transport_security_header to 0 if your server already sends
+// this header. content_security_policy may need to be disabled if you wish to
+// run the piwik analytics plugin or include other offsite resources on a page
+
+$a->config['system']['transport_security_header'] = 1;
+$a->config['system']['content_security_policy'] = 1;
+
+
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
// Be certain to create your own personal account before setting
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on