| 26 |
====Private Properties==== |
| 27 |
|
| 28 |
#| |
| 29 |
*| Property | Type | Description |* |
| 30 |
|| ##$db## | object | Database connection reference || |
| 31 |
|| ##$tls_mark## | string | Cookie name for TLS session marking || |
| 32 |
|| ##$page## | string | Current page name being processed || |
| 33 |
|| ##$hash## | string | SHA1 hash of the page name || |
| 34 |
|| ##$query## | string | Encoded query string || |
| 35 |
|| ##$lang## | string | Current language code || |
| 36 |
|| ##$file## | string | Cache file path || |
| 37 |
|| ##$caching## | int | Flag indicating if page should be cached (0 or 1) || |
| 38 |
|# |
| 39 |
|
| 40 |
---- |
| 234 |
=====##http_security_headers(): void##===== |
| 235 |
|
| 236 |
Sets security-related HTTP headers. |
| 237 |
|
| 238 |
**Headers Set:** |
| 239 |
|
| 240 |
#| |
| 241 |
*| Header | Purpose | Config Key |* |
| 242 |
|| Content-Security-Policy | XSS/injection protection | ##csp## || |
| 243 |
|| Permissions-Policy | Control browser features | ##permissions_policy## || |
| 244 |
|| Referrer-Policy | Control referrer information | ##referrer_policy## || |
| 245 |
|| Strict-Transport-Security | Force HTTPS | Auto (TLS only) || |
| 246 |
|| X-Frame-Options | Clickjacking protection | Hardcoded: ##SAMEORIGIN## || |
| 247 |
|| X-Content-Type-Options | MIME sniffing prevention | Hardcoded: ##nosniff## || |
| 248 |
|# |
| 249 |
|
| 250 |
**CSP Configuration Options:** |
| 251 |
- ##0## - Disabled |
| 252 |
- ##1## - Default policy (from ##csp.conf##) |
| 253 |
- ##2## - Custom policy (from ##csp_custom.conf##) |
| 254 |
|
| 255 |
**Example:** |
| 256 |
%%php |
| 257 |
$http->http_security_headers(); |
| 258 |
%% |
| 259 |
|
| 260 |
---- |
| 525 |
===Configuration Dependencies=== |
| 526 |
|
| 527 |
The class relies on these database configuration settings: |
| 528 |
|
| 529 |
#| |
| 530 |
*| Setting | Type | Purpose |* |
| 531 |
|| ##base_url## | string | Wiki's base URL || |
| 532 |
|| ##tls## | bool | Enable HTTPS enforcement || |
| 533 |
|| ##cache## | bool | Enable page caching || |
| 534 |
|| ##cache_ttl## | int | Cache lifetime in seconds || |
| 535 |
|| ##session_store## | int | 1=File, 0=Database || |
| 536 |
|| ##system_seed_hash## | string | Session encryption seed || |
| 537 |
|| ##cookie_prefix## | string | Session cookie prefix || |
| 538 |
|| ##cookie_path## | string | Cookie path || |
| 539 |
|| ##allow_persistent_cookie## | bool | Allow persistent login || |
| 540 |
|| ##session_length## | int | Session lifetime in seconds || |
| 541 |
|| ##reverse_proxy_addresses## | string | Comma/space-separated proxy IPs || |
| 542 |
|| ##reverse_proxy_header## | string | Custom X-Forwarded header || |
| 543 |
|| ##language## | string | Default language code || |
| 544 |
|| ##multilanguage## | bool | Enable language negotiation || |
| 545 |
|| ##allowed_languages## | string | Comma/space-separated allowed langs || |
| 546 |
|| ##enable_security_headers## | bool | Send security headers || |
| 547 |
|| ##csp## | int | CSP setting (0/1/2) || |
| 548 |
|| ##permissions_policy## | int | Permissions-Policy setting (0/1/2) || |
| 549 |
|| ##referrer_policy## | int | Referrer-Policy setting (0-8) || |
| 550 |
|# |
| 551 |
|
| 552 |
---- |
| 553 |
|
| 554 |
===Constants Used=== |
| 555 |
|
| 556 |
#| |
| 557 |
*| Constant | Type | Purpose |* |
| 558 |
|| ##IN_WACKO## | bool | Security check (exit if not defined) || |
| 559 |
|| ##CHMOD_SAFE## | int | File permissions for cache files || |
| 560 |
|| ##CHMOD_FILE## | int | File permissions for config cache || |
| 561 |
|| ##CACHE_PAGE_DIR## | string | Page cache directory || |
| 562 |
|| ##CACHE_SESSION_DIR## | string | Session cache directory || |
| 563 |
|| ##CACHE_CONFIG_DIR## | string | Config cache directory || |
| 564 |
|| ##CONFIG_DIR## | string | Configuration directory || |
| 565 |
|| ##LANG_DIR## | string | Language files directory || |
| 566 |
|| ##DAYSECS## | int | Seconds in a day (86400) || |
| 567 |
|| ##HTTP_404## | string | Path to 404 error page || |
| 568 |
|| ##HTTP_403## | string | Path to 403 error page || |
| 569 |
|# |
| 570 |
|
| 571 |
---- |