]> source.dussan.org Git - nextcloud-server.git/commitdiff
projects / nextcloud-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f4c9d4c)
Invalidate existing HSTS headers
authorLukas Reschke <lukas@statuscode.ch>
Thu, 14 Feb 2013 18:23:29 +0000 (19:23 +0100)
committerLukas Reschke <lukas@statuscode.ch>
Thu, 14 Feb 2013 18:23:29 +0000 (19:23 +0100)
lib/base.php patch | blob | history

diff --git a/lib/base.php b/lib/base.php
index fd9a1d41121d3592018497cd08368974a89fddf8..ff95a87e4385904efe8c1e6ca7293194af8fea5c 100644 (file)
--- a/lib/base.php
+++ b/lib/base.php
@@ -231,6 +231,11 @@ class OC {
                                header("Location: $url");
                                exit();
                        }
+               } else {
+                       // Invalidate HSTS headers
+                       if (OC_Request::serverProtocol() === 'https') {
+                               header('Strict-Transport-Security: max-age=0');
+                       }
                }
        }
 
Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server