mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Send a HSTS HTTP header to enforce SSL

This commit is contained in:
Lukas Reschke 2012-10-10 18:56:14 +02:00
parent 2f4b1b0e4c
commit cda2135966
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lib/base.php
View File

@ -193,6 +193,7 @@ class OC{
public static function checkSSL() {
// redirect to https site if configured
if( OC_Config::getValue( "forcessl", false )) {
header('Strict-Transport-Security: max-age=31536000');
ini_set("session.cookie_secure", "on");
if(OC_Request::serverProtocol()<>'https' and !OC::$CLI) {
$url = "https://". OC_Request::serverHost() . $_SERVER['REQUEST_URI'];