Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nextcloud/nextcloudpi.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/ncp-web/wizard/index.php
diff options
context:
space:
mode:
Diffstat (limited to 'ncp-web/wizard/index.php')
-rw-r--r--ncp-web/wizard/index.php7
1 files changed, 4 insertions, 3 deletions
diff --git a/ncp-web/wizard/index.php b/ncp-web/wizard/index.php
index e7471e4e..930dad1b 100644
--- a/ncp-web/wizard/index.php
+++ b/ncp-web/wizard/index.php
@@ -10,6 +10,10 @@
<?php
session_start();
+ ini_set('session.cookie_httponly', 1);
+ if ( isset($_SERVER['HTTPS']) )
+ ini_set('session.cookie_secure', 1);
+
// security headers
header("Content-Security-Policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; object-src 'self';");
header("X-XSS-Protection: 1; mode=block");
@@ -18,9 +22,6 @@
header("X-Permitted-Cross-Domain-Policies: none");
header("X-Frame-Options: DENY");
header("Cache-Control: max-age=15778463");
- ini_set('session.cookie_httponly', 1);
- if ( isset($_SERVER['HTTPS']) )
- ini_set('session.cookie_secure', 1);
?>
<link rel="icon" type="image/png" href="../img/favicon.png" />
</head>
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-29 22:51:43 +0300