Added HSTS support
parent
ebfa056aee
commit
067386964e
|
@ -28,7 +28,7 @@ class SkinCitizen extends SkinTemplate {
|
|||
$out->addLink(
|
||||
[
|
||||
'rel' => 'preconnect',
|
||||
'href' => $this->getConfig()->get( 'CitizenPreconnectOrigin' )
|
||||
'href' => $this->getConfig()->get( 'CitizenPreconnectURL' )
|
||||
]
|
||||
);
|
||||
}
|
||||
|
@ -47,6 +47,22 @@ class SkinCitizen extends SkinTemplate {
|
|||
]
|
||||
);
|
||||
}
|
||||
// HSTS
|
||||
if ( $this->getConfig()->get( 'CitizenEnableHSTS' ) ) {
|
||||
|
||||
$hstsmaxage = $this->getConfig()->get( 'CitizenHSTSMaxAge' );
|
||||
$hstsincludesubdomains = $this->getConfig()->get( 'CitizenHSTSIncludeSubdomains' );
|
||||
|
||||
// HSTS max age
|
||||
if ( is_int( $hstsmaxage ) ) {
|
||||
$hstsmaxage = max($hstsmaxage, 0);
|
||||
} else {
|
||||
// Default to 5 mins if input is invalid
|
||||
$hstsmaxage = 300;
|
||||
}
|
||||
|
||||
$out->getRequest()->response()->header( 'Strict-Transport-Security: max-age=' . $hstsmaxage . ( $hstsincludesubdomains ? '; includeSubDomains' : '' ) );
|
||||
}
|
||||
// Deny X-Frame-Options
|
||||
if ( $this->getConfig()->get( 'CitizenEnableDenyXFrameOptions' ) ) {
|
||||
$out->getRequest()->response()->header( 'X-Frame-Options: deny' );
|
||||
|
|
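Review bot: The Strict-Transport-Security header in the new `// HSTS` block is sent on every response, including ones served over plain HTTP. RFC 6797 says a host must not send it over non-secure transport, and browsers ignore it there. Guarding the block on the request scheme makes that explicit: `if ( $this->getConfig()->get( 'CitizenEnableHSTS' ) && $out->getRequest()->getProtocol() === 'https' ) {`. The `is_int()` test also silently replaces a numeric string such as `'31536000'` with the 300-second fallback, so a comment like `// Non-integer values (including numeric strings) fall back to 300 seconds`, or a logged warning, would help an operator notice a misconfigured max-age. The enclosing method starts and ends outside the hunk.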
28
skin.json
28
skin.json
|
@ -25,16 +25,28 @@
|
|||
"descriptionmsg": "citizen-config-enablepreconnect",
|
||||
"public": true
|
||||
},
|
||||
"PreconnectOrigin": {
|
||||
"PreconnectURL": {
|
||||
"value": "",
|
||||
"description": "The URL for preconnect to required origin",
|
||||
"descriptionmsg": "citizen-config-preconnectorigin",
|
||||
"public": true
|
||||
},
|
||||
"EnableManifest": {
|
||||
"value": true,
|
||||
"description": "Enable or disable web app manifest",
|
||||
"descriptionmsg": "citizen-config-enablemanifest",
|
||||
"EnableHSTS": {
|
||||
"value": false,
|
||||
"description": "Enable or disable HTTP Strict Transport Security",
|
||||
"descriptionmsg": "citizen-config-enablehsts",
|
||||
"public": true
|
||||
},
|
||||
"HSTSMaxAge": {
|
||||
"value": 300,
|
||||
"description": "Time in second that the browser should remember that a site is only to be accessed using HTTPS",
|
||||
"descriptionmsg": "citizen-config-hstsmaxage",
|
||||
"public": true
|
||||
},
|
||||
"CitizenHSTSMaxAge": {
|
||||
"value": false,
|
||||
"description": "Enable or disable HTTP Strict Transport Security",
|
||||
"descriptionmsg": "citizen-config-enablehsts",
|
||||
"public": true
|
||||
},
|
||||
"EnableDenyXFrameOptions": {
|
||||
|
@ -49,6 +61,12 @@
|
|||
"descriptionmsg": "citizen-config-enablestrictreferrerpolicy",
|
||||
"public": true
|
||||
},
|
||||
"EnableManifest": {
|
||||
"value": true,
|
||||
"description": "Enable or disable web app manifest",
|
||||
"descriptionmsg": "citizen-config-enablemanifest",
|
||||
"public": true
|
||||
},
|
||||
"ManifestThemeColor": {
|
||||
"value": "#11151d",
|
||||
"description": "The theme color defined in the web app manifest",
|
||||
|
|
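Review bot: The third new HSTS entry is keyed `"CitizenHSTSMaxAge"` with `"value": false`, and its `description` and `descriptionmsg` are copied from `EnableHSTS`. SkinCitizen.php reads `CitizenHSTSIncludeSubdomains`, for which no entry is visible in these hunks. The entry was probably meant to be `"HSTSIncludeSubdomains"` with its own description and message key; as written, the lookup presumably fails once `EnableHSTS` is turned on. The description should also say that includeSubDomains applies the policy to every subdomain of the host, including any not yet served over HTTPS. Separately, the `HSTSMaxAge` description reads "Time in second" and should read "Time in seconds".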