make yet another recommended security header optional - this time because of piwik. Personally I think if you want to track people you really don't understand this project and its history, but whatever....
parent
90fd23e0cd
commit
a14b87baf2
1
boot.php
1
boot.php
@ -2167,6 +2167,7 @@ function construct_page(&$a) {
|
|||||||
if($a->get_scheme() === 'https' && $a->config['system']['transport_security_header'])
|
if($a->get_scheme() === 'https' && $a->config['system']['transport_security_header'])
|
||||||
header("Strict-Transport-Security: max-age=31536000");
|
header("Strict-Transport-Security: max-age=31536000");
|
||||||
|
|
||||||
|
if($a->config['system']['content_security_policy'])
|
||||||
header("Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'");
|
header("Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'");
|
||||||
|
|
||||||
if($a->config['system']['x_security_headers']) {
|
if($a->config['system']['x_security_headers']) {
|
||||||
|
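Review bot: The new `if($a->config['system']['content_security_policy'])` guard in construct_page() fails open when the key is absent. The header line appears as context, so it was previously sent unconditionally, and the rest of this commit only adds the key to the sample config and install templates; an existing site's config would lack it unless a default is set somewhere outside this hunk. Such a site would silently stop sending Content-Security-Policy after upgrading, and PHP would raise an undefined-index notice. Treating a missing key as enabled keeps the old behaviour, e.g. `if(! isset($a->config['system']['content_security_policy']) || $a->config['system']['content_security_policy'])`; the `transport_security_header` check above it (context here) has the same shape. construct_page() starts and ends outside the hunk.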
@ -46,6 +46,15 @@ $a->config['system']['sitename'] = "Hubzilla";
|
|||||||
$a->config['system']['location_hash'] = 'if the auto install failed, put a unique random string here';
|
$a->config['system']['location_hash'] = 'if the auto install failed, put a unique random string here';
|
||||||
|
|
||||||
|
|
||||||
|
// These lines set additional security headers to be sent with all responses
|
||||||
|
// You may wish to set transport_security_header to 0 if your server already sends
|
||||||
|
// this header. content_security_policy may need to be disabled if you wish to
|
||||||
|
// run the piwik analytics plugin or include other offsite resources on a page
|
||||||
|
|
||||||
|
$a->config['system']['transport_security_header'] = 1;
|
||||||
|
$a->config['system']['content_security_policy'] = 1;
|
||||||
|
|
||||||
|
|
||||||
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
||||||
// Be certain to create your own personal account before setting
|
// Be certain to create your own personal account before setting
|
||||||
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
|
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
|
||||||
|
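Review bot: The added comment says content_security_policy "may need to be disabled" without saying what that costs. The flag is all-or-nothing: per the boot.php change in this commit, setting it to 0 drops the whole `script-src`/`style-src` policy rather than allowing one extra origin. I would add a line such as `// Setting content_security_policy to 0 removes the policy from every page, not only pages that load offsite resources.` and state explicitly that 1 enables and 0 disables each header. The same comment block is repeated in the other config template hunks on this page and would need the same addition.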
@ -36,6 +36,15 @@ $a->config['system']['baseurl'] = '{{$siteurl}}';
|
|||||||
$a->config['system']['sitename'] = "Hubzilla";
|
$a->config['system']['sitename'] = "Hubzilla";
|
||||||
$a->config['system']['location_hash'] = '{{$site_id}}';
|
$a->config['system']['location_hash'] = '{{$site_id}}';
|
||||||
|
|
||||||
|
// These lines set additional security headers to be sent with all responses
|
||||||
|
// You may wish to set transport_security_header to 0 if your server already sends
|
||||||
|
// this header. content_security_policy may need to be disabled if you wish to
|
||||||
|
// run the piwik analytics plugin or include other offsite resources on a page
|
||||||
|
|
||||||
|
$a->config['system']['transport_security_header'] = 1;
|
||||||
|
$a->config['system']['content_security_policy'] = 1;
|
||||||
|
|
||||||
|
|
||||||
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
||||||
// Be certain to create your own personal account before setting
|
// Be certain to create your own personal account before setting
|
||||||
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
|
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
|
||||||
|
@ -37,6 +37,15 @@ $a->config['system']['sitename'] = "Hubzilla";
|
|||||||
$a->config['system']['location_hash'] = '{{$site_id}}';
|
$a->config['system']['location_hash'] = '{{$site_id}}';
|
||||||
|
|
||||||
|
|
||||||
|
// These lines set additional security headers to be sent with all responses
|
||||||
|
// You may wish to set transport_security_header to 0 if your server already sends
|
||||||
|
// this header. content_security_policy may need to be disabled if you wish to
|
||||||
|
// run the piwik analytics plugin or include other offsite resources on a page
|
||||||
|
|
||||||
|
$a->config['system']['transport_security_header'] = 1;
|
||||||
|
$a->config['system']['content_security_policy'] = 1;
|
||||||
|
|
||||||
|
|
||||||
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
||||||
// Be certain to create your own personal account before setting
|
// Be certain to create your own personal account before setting
|
||||||
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
|
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
|
||||||
|
@ -37,6 +37,15 @@ $a->config['system']['sitename'] = "Hubzilla";
|
|||||||
$a->config['system']['location_hash'] = '{{$site_id}}';
|
$a->config['system']['location_hash'] = '{{$site_id}}';
|
||||||
|
|
||||||
|
|
||||||
|
// These lines set additional security headers to be sent with all responses
|
||||||
|
// You may wish to set transport_security_header to 0 if your server already sends
|
||||||
|
// this header. content_security_policy may need to be disabled if you wish to
|
||||||
|
// run the piwik analytics plugin or include other offsite resources on a page
|
||||||
|
|
||||||
|
$a->config['system']['transport_security_header'] = 1;
|
||||||
|
$a->config['system']['content_security_policy'] = 1;
|
||||||
|
|
||||||
|
|
||||||
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
||||||
// Be certain to create your own personal account before setting
|
// Be certain to create your own personal account before setting
|
||||||
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
|
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
|
||||||
|
@ -36,6 +36,13 @@ $a->config['system']['baseurl'] = '{{$siteurl}}';
|
|||||||
$a->config['system']['sitename'] = "Hubzilla";
|
$a->config['system']['sitename'] = "Hubzilla";
|
||||||
$a->config['system']['location_hash'] = '{{$site_id}}';
|
$a->config['system']['location_hash'] = '{{$site_id}}';
|
||||||
|
|
||||||
|
// These lines set additional security headers to be sent with all responses
|
||||||
|
// You may wish to set transport_security_header to 0 if your server already sends
|
||||||
|
// this header. content_security_policy may need to be disabled if you wish to
|
||||||
|
// run the piwik analytics plugin or include other offsite resources on a page
|
||||||
|
|
||||||
|
$a->config['system']['transport_security_header'] = 1;
|
||||||
|
$a->config['system']['content_security_policy'] = 1;
|
||||||
|
|
||||||
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
||||||
// Be certain to create your own personal account before setting
|
// Be certain to create your own personal account before setting
|
||||||
|
@ -36,6 +36,23 @@ $a->config['system']['baseurl'] = '{{$siteurl}}';
|
|||||||
$a->config['system']['sitename'] = "Hubzilla";
|
$a->config['system']['sitename'] = "Hubzilla";
|
||||||
$a->config['system']['location_hash'] = '{{$site_id}}';
|
$a->config['system']['location_hash'] = '{{$site_id}}';
|
||||||
|
|
||||||
|
// These lines set additional security headers to be sent with all responses
|
||||||
|
// You may wish to set transport_security_header to 0 if your server already sends
|
||||||
|
// this header. content_security_policy may need to be disabled if you wish to
|
||||||
|
// run the piwik analytics plugin or include other offsite resources on a page
|
||||||
|
|
||||||
|
$a->config['system']['transport_security_header'] = 1;
|
||||||
|
$a->config['system']['content_security_policy'] = 1;
|
||||||
|
|
||||||
|
// These lines set additional security headers to be sent with all responses
|
||||||
|
// You may wish to set transport_security_header to 0 if your server already sends
|
||||||
|
// this header. content_security_policy may need to be disabled if you wish to
|
||||||
|
// run the piwik analytics plugin or include other offsite resources on a page
|
||||||
|
|
||||||
|
$a->config['system']['transport_security_header'] = 1;
|
||||||
|
$a->config['system']['content_security_policy'] = 1;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
||||||
// Be certain to create your own personal account before setting
|
// Be certain to create your own personal account before setting
|
||||||
|
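Review bot: This hunk adds the security-header comment block and both assignments twice in a row; its header reads `+36,23`, where the sibling templates add the block once. The second copy sets `transport_security_header` and `content_security_policy` back to 1, so an admin who changes only the first pair to 0 will find both headers still being sent. That errs toward the safer setting, but the config no longer does what it appears to say. Drop the duplicated comment block and the second pair of assignments so each key is set exactly once.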
@ -36,6 +36,15 @@ $a->config['system']['baseurl'] = '{{$siteurl}}';
|
|||||||
$a->config['system']['sitename'] = "Hubzilla";
|
$a->config['system']['sitename'] = "Hubzilla";
|
||||||
$a->config['system']['location_hash'] = '{{$site_id}}';
|
$a->config['system']['location_hash'] = '{{$site_id}}';
|
||||||
|
|
||||||
|
|
||||||
|
// These lines set additional security headers to be sent with all responses
|
||||||
|
// You may wish to set transport_security_header to 0 if your server already sends
|
||||||
|
// this header. content_security_policy may need to be disabled if you wish to
|
||||||
|
// run the piwik analytics plugin or include other offsite resources on a page
|
||||||
|
|
||||||
|
$a->config['system']['transport_security_header'] = 1;
|
||||||
|
$a->config['system']['content_security_policy'] = 1;
|
||||||
|
|
||||||
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
||||||
// Be certain to create your own personal account before setting
|
// Be certain to create your own personal account before setting
|
||||||
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
|
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
|
||||||
|
@ -37,6 +37,15 @@ $a->config['system']['baseurl'] = '{{$siteurl}}';
|
|||||||
$a->config['system']['sitename'] = "Hubzilla";
|
$a->config['system']['sitename'] = "Hubzilla";
|
||||||
$a->config['system']['location_hash'] = '{{$site_id}}';
|
$a->config['system']['location_hash'] = '{{$site_id}}';
|
||||||
|
|
||||||
|
|
||||||
|
// These lines set additional security headers to be sent with all responses
|
||||||
|
// You may wish to set transport_security_header to 0 if your server already sends
|
||||||
|
// this header. content_security_policy may need to be disabled if you wish to
|
||||||
|
// run the piwik analytics plugin or include other offsite resources on a page
|
||||||
|
|
||||||
|
$a->config['system']['transport_security_header'] = 1;
|
||||||
|
$a->config['system']['content_security_policy'] = 1;
|
||||||
|
|
||||||
// Vos choix sont REGISTER_OPEN, REGISTER_APPROVE, ou REGISTER_CLOSED.
|
// Vos choix sont REGISTER_OPEN, REGISTER_APPROVE, ou REGISTER_CLOSED.
|
||||||
// Soyez certains de créer votre compte personnel avant de déclarer
|
// Soyez certains de créer votre compte personnel avant de déclarer
|
||||||
// votre site REGISTER_CLOSED. 'register_text' (si vous décider de l'utiliser)
|
// votre site REGISTER_CLOSED. 'register_text' (si vous décider de l'utiliser)
|
||||||
|
@ -36,6 +36,15 @@ $a->config['system']['baseurl'] = '{{$siteurl}}';
|
|||||||
$a->config['system']['sitename'] = "Hubzilla";
|
$a->config['system']['sitename'] = "Hubzilla";
|
||||||
$a->config['system']['location_hash'] = '{{$site_id}}';
|
$a->config['system']['location_hash'] = '{{$site_id}}';
|
||||||
|
|
||||||
|
// These lines set additional security headers to be sent with all responses
|
||||||
|
// You may wish to set transport_security_header to 0 if your server already sends
|
||||||
|
// this header. content_security_policy may need to be disabled if you wish to
|
||||||
|
// run the piwik analytics plugin or include other offsite resources on a page
|
||||||
|
|
||||||
|
$a->config['system']['transport_security_header'] = 1;
|
||||||
|
$a->config['system']['content_security_policy'] = 1;
|
||||||
|
|
||||||
|
|
||||||
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
||||||
// Be certain to create your own personal account before setting
|
// Be certain to create your own personal account before setting
|
||||||
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
|
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
|
||||||
|
@ -36,6 +36,15 @@ $a->config['system']['baseurl'] = '{{$siteurl}}';
|
|||||||
$a->config['system']['sitename'] = "Hubzilla";
|
$a->config['system']['sitename'] = "Hubzilla";
|
||||||
$a->config['system']['location_hash'] = '{{$site_id}}';
|
$a->config['system']['location_hash'] = '{{$site_id}}';
|
||||||
|
|
||||||
|
// These lines set additional security headers to be sent with all responses
|
||||||
|
// You may wish to set transport_security_header to 0 if your server already sends
|
||||||
|
// this header. content_security_policy may need to be disabled if you wish to
|
||||||
|
// run the piwik analytics plugin or include other offsite resources on a page
|
||||||
|
|
||||||
|
$a->config['system']['transport_security_header'] = 1;
|
||||||
|
$a->config['system']['content_security_policy'] = 1;
|
||||||
|
|
||||||
|
|
||||||
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
||||||
// Be certain to create your own personal account before setting
|
// Be certain to create your own personal account before setting
|
||||||
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
|
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
|
||||||
|
@ -36,6 +36,15 @@ $a->config['system']['baseurl'] = '{{$siteurl}}';
|
|||||||
$a->config['system']['sitename'] = "Hubzilla";
|
$a->config['system']['sitename'] = "Hubzilla";
|
||||||
$a->config['system']['location_hash'] = '{{$site_id}}';
|
$a->config['system']['location_hash'] = '{{$site_id}}';
|
||||||
|
|
||||||
|
// These lines set additional security headers to be sent with all responses
|
||||||
|
// You may wish to set transport_security_header to 0 if your server already sends
|
||||||
|
// this header. content_security_policy may need to be disabled if you wish to
|
||||||
|
// run the piwik analytics plugin or include other offsite resources on a page
|
||||||
|
|
||||||
|
$a->config['system']['transport_security_header'] = 1;
|
||||||
|
$a->config['system']['content_security_policy'] = 1;
|
||||||
|
|
||||||
|
|
||||||
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
|
||||||
// Be certain to create your own personal account before setting
|
// Be certain to create your own personal account before setting
|
||||||
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
|
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
|
||||||
|