X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=index.php;h=c94675a59ae65a887fe181c1350f714555d3e8d4;hb=6957069fb7d12fa4c5b1d8cb6be2718cf47e70c0;hp=5b4cea756b3d68964ad67a0c2f30157c4883b93a;hpb=94f6f12ba3a5c1d506255803e709cb640147ebf4;p=friendica.git diff --git a/index.php b/index.php index 5b4cea756b..c94675a59a 100644 --- a/index.php +++ b/index.php @@ -20,7 +20,9 @@ use Friendica\Core\Config; require_once 'boot.php'; require_once 'object/BaseObject.php'; -$a = new App(__DIR__); +if (empty($a)) { + $a = new App(__DIR__); +} BaseObject::set_app($a); // We assume that the index.php is called by a frontend process @@ -51,7 +53,7 @@ if (!$install) { require_once "include/dba.php"; if (!$install) { - $db = new dba($db_host, $db_user, $db_pass, $db_data, $install); + dba::connect($db_host, $db_user, $db_pass, $db_data, $install); unset($db_host, $db_user, $db_pass, $db_data); /** @@ -196,7 +198,7 @@ if ($install && $a->module!="view") { $a->module = 'maintenance'; } else { check_url($a); - check_db(); + check_db(false); check_plugins($a); } @@ -489,6 +491,19 @@ $profile = $a->profile; header("X-Friendica-Version: " . FRIENDICA_VERSION); header("Content-type: text/html; charset=utf-8"); +if (Config::get('system', 'hsts') && (Config::get('system', 'ssl_policy') == SSL_POLICY_FULL)) { + header("Strict-Transport-Security: max-age=31536000"); +} + +// Some security stuff +header('X-Content-Type-Options: nosniff'); +header('X-XSS-Protection: 1; mode=block'); +header('X-Permitted-Cross-Domain-Policies: none'); +header('X-Frame-Options: sameorigin'); + +// Things like embedded OSM maps don't work, when this is enabled +// header("Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; img-src 'self' https: data:; media-src 'self' https:; child-src 'self' https:; object-src 'none'"); + /* * We use $_GET["mode"] for special page templates. So we will check if we have * to load another page template than the default one.