diff --git a/core/js/setupchecks.js b/core/js/setupchecks.js index 1f18c7b6fa..936d742ce4 100644 --- a/core/js/setupchecks.js +++ b/core/js/setupchecks.js @@ -263,6 +263,7 @@ var messages = []; if (xhr.status === 200) { + var tipsUrl = OC.generateUrl('settings/admin/tips-tricks'); if(OC.getProtocol() === 'https') { // Extract the value of 'Strict-Transport-Security' var transportSecurityValidity = xhr.getResponseHeader('Strict-Transport-Security'); @@ -278,13 +279,13 @@ var minimumSeconds = 15552000; if(isNaN(transportSecurityValidity) || transportSecurityValidity <= (minimumSeconds - 1)) { messages.push({ - msg: t('core', 'The "Strict-Transport-Security" HTTP header is not configured to at least "{seconds}" seconds. For enhanced security we recommend enabling HSTS as described in our security tips.', {'seconds': minimumSeconds, docUrl: '#admin-tips'}), + msg: t('core', 'The "Strict-Transport-Security" HTTP header is not configured to at least "{seconds}" seconds. For enhanced security we recommend enabling HSTS as described in our security tips.', {'seconds': minimumSeconds, docUrl: tipsUrl}), type: OC.SetupChecks.MESSAGE_TYPE_WARNING }); } } else { messages.push({ - msg: t('core', 'You are accessing this site via HTTP. We strongly suggest you configure your server to require using HTTPS instead as described in our security tips.', {docUrl: '#admin-tips'}), + msg: t('core', 'You are accessing this site via HTTP. We strongly suggest you configure your server to require using HTTPS instead as described in our security tips.', {docUrl: tipsUrl}), type: OC.SetupChecks.MESSAGE_TYPE_WARNING }); } diff --git a/settings/templates/admin/server.php b/settings/templates/admin/server.php index a15705a90e..02d247e1b1 100644 --- a/settings/templates/admin/server.php +++ b/settings/templates/admin/server.php @@ -145,7 +145,7 @@