function onArgsInitialize($args)
{
$path = common_config('site', 'path');
- if(common_config('site', 'ssl') == 'always' && ($path == '/' || ! $path )) {
+ if (GNUsocial::useHTTPS() && ($path == '/' || mb_strlen($path)==0 )) {
header('Strict-Transport-Security: max-age=' . $this->max_age
. ($this->includeSubDomains ? '; includeSubDomains' : '')
. ($this->preloadToken ? '; preload' : ''));
$versions[] = array('name' => 'StrictTransportSecurity',
'version' => GNUSOCIAL_VERSION,
'author' => 'Craig Andrews',
- 'homepage' => 'http://status.net/wiki/Plugin:StrictTransportSecurity',
+ 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/StrictTransportSecurity',
'rawdescription' =>
// TRANS: Plugin description.
_m('The Strict Transport Security plugin implements the Strict Transport Security header, improving the security of HTTPS only sites.'));