diff options
| author | Ermal Luçi <eri@pfsense.org> | 2014-02-18 08:53:57 +0100 |
|---|---|---|
| committer | Ermal Luçi <eri@pfsense.org> | 2014-02-18 08:53:57 +0100 |
| commit | 51889bc74c3735422163eac27e630a8e5ee7164b (patch) | |
| tree | c790ec00522988ca5ffbd54dd11ad82d2249d7ba /config/haproxy-devel/haproxy_pool_edit.php | |
| parent | 2c3d0d5ae18c82daf20043a2b89035eeb633e20b (diff) | |
| parent | fdc63dbf757a94105ff1bf9d295fcc4047f34ea4 (diff) | |
| download | pfsense-packages-51889bc74c3735422163eac27e630a8e5ee7164b.tar.gz pfsense-packages-51889bc74c3735422163eac27e630a8e5ee7164b.tar.bz2 pfsense-packages-51889bc74c3735422163eac27e630a8e5ee7164b.zip | |
Merge pull request #591 from PiBa-NL/hap_strict_security
haproxy-devel, option for "HTTP Strict Transport Security" HTST
Diffstat (limited to 'config/haproxy-devel/haproxy_pool_edit.php')
| -rw-r--r-- | config/haproxy-devel/haproxy_pool_edit.php | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/config/haproxy-devel/haproxy_pool_edit.php b/config/haproxy-devel/haproxy_pool_edit.php index 3bc3ff9d..27519429 100644 --- a/config/haproxy-devel/haproxy_pool_edit.php +++ b/config/haproxy-devel/haproxy_pool_edit.php @@ -189,6 +189,9 @@ if ($_POST) { if ($server_port && !is_numeric($server_port)) $input_errors[] = "The field 'Port' value is not a number."; } + + if ($_POST['strict_transport_security'] !== "" && !is_numeric($_POST['strict_transport_security'])) + $input_errors[] = "The field 'Strict-Transport-Security' is not empty or a number."; if (!$input_errors) { $pool = array(); @@ -789,6 +792,21 @@ set by the 'retries' parameter.</div> </td> </tr> <tr><td> </td></tr> + <tr> + <td colspan="2" valign="top" class="listtopic">Advanced</td> + </tr> + <tr class="" align="left" id='Strict-Transport-Security'> + <td width="22%" valign="top" class="vncell">Strict-Transport-Security</td> + <td width="78%" class="vtable" colspan="2"> + When configured enables "HTTP Strict Transport Security" leave empty to disable.<br/> + <b>WARNING! the domain will only work over https with a valid certificate!</b><br/> + <input id="strict_transport_security" name="strict_transport_security" type="text" <?if(isset($pconfig['strict_transport_security'])) echo "value=\"{$pconfig['strict_transport_security']}\"";?> size="20" /> Seconds<br/> + If configured clients that requested the page with this setting active will not be able to visit this domain over a unencrypted http connection. + So make sure you understand the consequence of this setting or start with a really low value.<br/> + EXAMPLE: 60 for testing if you are absolutely sure you want this 31536000 (12 months) would be good for production. + </td> + </tr> + <tr><td> </td></tr> <tr align="left"> <td width="22%" valign="top"> </td> <td width="78%"> |