Issue 3700: Security and Privacy related Headers

2017-09-14 05:40:23 +00:00 · 2017-09-14 05:40:23 +00:00 · 7a3bb02f11
commit 7a3bb02f11
parent cf6874cffc
3 changed files with 20 additions and 0 deletions
--- a/doc/htconfig.md
+++ b/doc/htconfig.md
@ -44,6 +44,7 @@ Example: To set the directory value please add this line to your .htconfig.php:
 * **dlogfile - location of the developer log file
 * **event_input_format** - Default value is "ymd".
 * **frontend_worker_timeout** - Value in minutes after we think that a frontend task was killed by the webserver. Default value is 10.
+* **hsts** (Boolean) - Enables the sending of HTTP Strict Transport Security headers
 * **ignore_cache** (Boolean) - For development only. Disables the item cache.
 * **like_no_comment** (Boolean) - Don't update the "commented" value of an item when it is liked.
 * **local_block** (Boolean) - Used in conjunction with "block_public".