Difference between revisions for Users / Eo Ny / dev




← Previous edit
Revision 7 as of 05/05/2026 19:23
10 05/05/2026 19:27 WikiAdmin 9 05/05/2026 19:25 WikiAdmin 8 05/05/2026 19:24 WikiAdmin 7 05/05/2026 19:23 WikiAdmin 6 05/05/2026 19:21 EoNy 5 05/05/2026 19:11 EoNy 4 05/05/2026 19:10 EoNy 3 05/05/2026 19:10 EoNy 2 05/05/2026 19:08 EoNy 1 05/05/2026 19:06 EoNy

(14.8 KiB)
WikiAdmin
 Next edit →
Revision 11 as of 05/05/2026 19:28
18 05/21/2026 16:12 WikiAdmin 17 05/18/2026 15:15 WikiAdmin 16 05/18/2026 05:05 WikiAdmin 15 05/18/2026 05:04 WikiAdmin 14 05/17/2026 21:10 WikiAdmin 13 05/05/2026 19:29 EoNy 12 05/05/2026 19:28 WikiAdmin 11 05/05/2026 19:28 WikiAdmin 10 05/05/2026 19:27 WikiAdmin 9 05/05/2026 19:25 WikiAdmin 8 05/05/2026 19:24 WikiAdmin

(17.6 KiB) +2,875
WikiAdmin

Additions:
====Public Properties====
#|
*| Property | Type | Description |*
|| ##$tls_session## | bool | Indicates if the current session uses
HTTPS/TLS encryption ||
|| ##$request_uri## | string | Normalized REQUEST_URI (e.g.,
'PageOfNoReturn/show?a=1') ||
|| ##$ip## | string | Client's real IP address (accounts for
proxies) ||
|| ##$sess## | Session | Reference to the Session object ||
|| ##$method## | string | Current HTTP method/request type ||
|#
====Private Properties====
#|
*| Property | Type | Description |*
|| ##$db## | object | Database connection reference ||
|| ##$tls_mark## | string | Cookie name for TLS session marking ||
|| ##$page## | string | Current page name being processed ||
|| ##$hash## | string | SHA1 hash of the page name ||
|| ##$query## | string | Encoded query string ||
|| ##$lang## | string | Current language code ||
|| ##$file## | string | Cache file path ||
|| ##$caching## | int | Flag indicating if page should be cached (0 or
1) ||
|#
=====##http_security_headers(): void##=====
Sets security-related HTTP headers.
#|
*| Header | Purpose | Config Key |*
|| Content-Security-Policy | XSS/injection protection | ##csp## ||
|| Permissions-Policy | Control browser features |
##permissions_policy## ||
|| Referrer-Policy | Control referrer information |
##referrer_policy## ||
|| Strict-Transport-Security | Force HTTPS | Auto (TLS only) ||
|| X-Frame-Options | Clickjacking protection | Hardcoded:
##SAMEORIGIN## ||
|| X-Content-Type-Options | MIME sniffing prevention | Hardcoded:
##nosniff## ||
|#
**CSP Configuration Options:**
  - ##0## - Disabled
  - ##1## - Default policy (from ##csp.conf##)
  - ##2## - Custom policy (from ##csp_custom.conf##)
===Configuration Dependencies===
The class relies on these database configuration settings:
#|
*| Setting | Type | Purpose |*
|| ##base_url## | string | Wiki's base URL ||
|| ##tls## | bool | Enable HTTPS enforcement ||
|| ##cache## | bool | Enable page caching ||
|| ##cache_ttl## | int | Cache lifetime in seconds ||
|| ##session_store## | int | 1=File, 0=Database ||
|| ##system_seed_hash## | string | Session encryption seed ||
|| ##cookie_prefix## | string | Session cookie prefix ||
|| ##cookie_path## | string | Cookie path ||
|| ##allow_persistent_cookie## | bool | Allow persistent login ||
|| ##session_length## | int | Session lifetime in seconds ||
|| ##reverse_proxy_addresses## | string | Comma/space-separated proxy
IPs ||
|| ##reverse_proxy_header## | string | Custom X-Forwarded header ||
|| ##language## | string | Default language code ||
|| ##multilanguage## | bool | Enable language negotiation ||
|| ##allowed_languages## | string | Comma/space-separated allowed
langs ||
|| ##enable_security_headers## | bool | Send security headers ||
|| ##csp## | int | CSP setting (0/1/2) ||
|| ##permissions_policy## | int | Permissions-Policy setting (0/1/2)
||
|| ##referrer_policy## | int | Referrer-Policy setting (0-8) ||
|#

Deletions:
==== Public Properties ====
==== Private Properties ====
===== ##http_security_headers(): void## =====
=== Configuration Dependencies ===