AS1024/Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add configuration option to enable/disable 'Strict-Transport-Security' HTTP header

Browse Source
This commit is contained in:
Frédéric Guillot
2014-09-20 15:35:17 +02:00
parent de225f401d
commit eeb4688dcc
3 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/Controller/Base.php
View File

@@ -116,9 +116,12 @@ abstract class Base
$this->response->csp(array('style-src' => "'self' 'unsafe-inline'"));
$this->response->nosniff();
$this->response->xss();
$this->response->hsts();
$this->response->xframe();
if (ENABLE_HSTS) {
$this->response->hsts();
}
// Load translations
$language = $this->config->get('language', 'en_US');
if ($language !== 'en_US') Translator::load($language);