Encrypt fixes, add carnum options, remove debug lines

2021-10-15 22:31:52 -04:00 · 2021-10-15 22:31:52 -04:00 · 9cd8dc3031
commit 9cd8dc3031
parent 9340a49b67
6 changed files with 26 additions and 19 deletions
--- a/.htaccess
+++ b/.htaccess
@ -1,2 +1,9 @@
 RedirectMatch 404 /\.git
-
+Header append X-FRAME-OPTIONS "SAMEORIGIN"
+Header append X-Content-Type-Options "nosniff"
+<IfModule mod_headers.c>
+    Header set X-XSS-Protection "1; mode=block"
+#    Header always append X-Frame-Options SAMEORIGIN
+Header always set Strict-Transport-Security "max-age=604800; includeSubDomains"
+    Header set X-Content-Type-Options nosniff
+</IfModule>
--- a/changelang.php
+++ b/changelang.php
@ -18,11 +18,11 @@

    $app_disp_lang = filter_input(INPUT_POST, 'app_disp_lang', FILTER_SANITIZE_FULL_SPECIAL_CHARS);                 // GET SANITARY LANG CHOICE
    // only works with new php?
-    // setcookie ( 'app_disp_lang', $app_disp_lang, [
-    //    'expires' => time() + 60*60*24*90,
-    //    'secure' => false,
-    //    'httponly' => false,
-    //    'samesite' => 'Lax',
-    //]);
-    setcookie ( 'app_disp_lang', $app_disp_lang, time() + 60*60*24*90);                       // SET SITE COOKIE 
+     setcookie ( 'app_disp_lang', $app_disp_lang, [
+        'expires' => time() + 60*60*24*90,
+        'secure' => false,
+        'httponly' => true,
+        'samesite' => 'Strict',
+    ]);
+    //setcookie ( 'app_disp_lang', $app_disp_lang, time() + 60*60*24*90);                       // SET SITE COOKIE 
    header('Location: index.php');                                              // GO HOME UNTIL WE ADD REFERER LOGIC
--- a/changesite.php
+++ b/changesite.php
@ -17,11 +17,11 @@
 */

    $site = filter_input(INPUT_POST, 'site', FILTER_SANITIZE_STRING);                                   // GET SANITARY SITE CHOICE
-    //setcookie ( 'app_site', $site, [
-    //    'expires' => time() + 60*60*24*90,
-    //    'secure' => false,
-    //    'httponly' => false,
-    //    'samesite' => 'Lax',
-    //]);
-    setcookie ( 'app_site', $site, time() + 60*60*24*90);                       // SET SITE COOKIE 
+    setcookie ( 'app_site', $site, [
+        'expires' => time() + 60*60*24*90,
+        'secure' => false,
+        'httponly' => true,
+        'samesite' => 'Strict',
+    ]);
+    //setcookie ( 'app_site', $site, time() + 60*60*24*90);                       // SET SITE COOKIE 
    header('Location: index.php');                                              // GO HOME UNTIL WE ADD REFERER LOGIC
--- a/classes/misc/csrf.php
+++ b/classes/misc/csrf.php
@ -35,7 +35,7 @@ class csrf {
                    'expires' => $token->expiry,
                    'secure' => false,
                    'httponly' => false,
-                    'samesite' => 'Lax',
+                    'samesite' => 'Strict',
                ]);

 		return $_SESSION['csrftokens'][$page] = $token;
--- a/nbproject/project.properties
+++ b/nbproject/project.properties
@ -1,5 +1,5 @@
 include.path=${php.global.include.path}
-php.version=PHP_54
+php.version=PHP_72
 source.encoding=UTF-8
 src.dir=.
 tags.asp=false
--- a/src/Misc/Csrf.php
+++ b/src/Misc/Csrf.php
@ -36,8 +36,8 @@ class Csrf
                setcookie ( self::makeCookieName($page), $token->cookietoken, [
                    'expires' => $token->expiry,
                    'secure' => false,
-                    'httponly' => false,
-                    'samesite' => 'Lax',
+                    'httponly' => true,
+                    'samesite' => 'Strict',
                ]);

 		return $_SESSION['csrftokens'][$page] = $token;