harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

optional support for public key pinning

Browse Source
This commit is contained in:
redmatrix 2016-01-07 14:06:51 -08:00
parent f4968e9f45
commit 3c88184177
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
boot.php
View File

@ -2126,6 +2126,9 @@ function construct_page(&$a) {
$profile = $a->profile; $profile = $a->profile;
header("Content-type: text/html; charset=utf-8"); header("Content-type: text/html; charset=utf-8");
// security headers - see https://securityheaders.io
if($a->get_scheme() === 'https') if($a->get_scheme() === 'https')
header("Strict-Transport-Security: max-age=31536000"); header("Strict-Transport-Security: max-age=31536000");
@ -2137,6 +2140,10 @@ function construct_page(&$a) {
header("X-Content-Type-Options: nosniff"); header("X-Content-Type-Options: nosniff");
} }
if($a->config['system']['public_key_pins']) {
header("Public-Key-Pins: " . $a->config['system']['public_key_pins']);
}
require_once(theme_include( require_once(theme_include(
((x($a->page, 'template')) ? $a->page['template'] : 'default' ) . '.php' ) ((x($a->page, 'template')) ? $a->page['template'] : 'default' ) . '.php' )
); );