diff options
author | redmatrix <git@macgirvin.com> | 2016-02-08 14:48:11 -0800 |
---|---|---|
committer | redmatrix <git@macgirvin.com> | 2016-02-08 14:48:11 -0800 |
commit | a14b87baf25e8a4747318efa7a7b52ad04966af7 (patch) | |
tree | fd34586e4d1a913a7807b436020d633e061557d4 /view/en/htconfig.tpl | |
parent | 90fd23e0cd1fe3b6d3471411f650b9b276473c68 (diff) | |
download | volse-hubzilla-a14b87baf25e8a4747318efa7a7b52ad04966af7.tar.gz volse-hubzilla-a14b87baf25e8a4747318efa7a7b52ad04966af7.tar.bz2 volse-hubzilla-a14b87baf25e8a4747318efa7a7b52ad04966af7.zip |
make yet another recommended security header optional - this time because of piwik. Personally I think if you want to track people you really don't understand this project and its history, but whatever....
Diffstat (limited to 'view/en/htconfig.tpl')
-rw-r--r-- | view/en/htconfig.tpl | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/view/en/htconfig.tpl b/view/en/htconfig.tpl index 50e05fc3e..5c05111f3 100644 --- a/view/en/htconfig.tpl +++ b/view/en/htconfig.tpl @@ -36,6 +36,23 @@ $a->config['system']['baseurl'] = '{{$siteurl}}'; $a->config['system']['sitename'] = "Hubzilla"; $a->config['system']['location_hash'] = '{{$site_id}}'; +// These lines set additional security headers to be sent with all responses +// You may wish to set transport_security_header to 0 if your server already sends +// this header. content_security_policy may need to be disabled if you wish to +// run the piwik analytics plugin or include other offsite resources on a page + +$a->config['system']['transport_security_header'] = 1; +$a->config['system']['content_security_policy'] = 1; + +// These lines set additional security headers to be sent with all responses +// You may wish to set transport_security_header to 0 if your server already sends +// this header. content_security_policy may need to be disabled if you wish to +// run the piwik analytics plugin or include other offsite resources on a page + +$a->config['system']['transport_security_header'] = 1; +$a->config['system']['content_security_policy'] = 1; + + // Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED. // Be certain to create your own personal account before setting |