add HSTS sample

diff --git a/eventum-lighttpd.conf b/eventum-lighttpd.conf
index 7ca717c21c069a475069fe3749ac2f42f89939af..3746b23828b01ca140f26db9413fb038c226371f 100644 (file)
--- a/eventum-lighttpd.conf
+++ b/eventum-lighttpd.conf
@@ -12,6 +12,12 @@
 #      }
 #}
 
+# HTTP Strict Transport Security (HSTS) headers on https addresses
+#$SERVER["socket"] == ":443" {
+#      # HSTS (mod_setenv is required) (15768000 seconds = 6 months)
+#      setenv.add-response-header += ( "Strict-Transport-Security" => "max-age=15768000" )
+#}
+
 # running as alias, part 1
 alias.url += (
        "/eventum" => "/usr/share/eventum/htdocs",
@@ -19,7 +25,7 @@ alias.url += (
 
 # running as separate vhost, part 1
 #$HTTP["host"] == "eventum.example.org" {
-#    server.document-root = "/usr/share/eventum/htdocs",
+#      server.document-root = "/usr/share/eventum/htdocs",
 #}
 
 # running as alias, part 2

diff --git a/eventum.spec b/eventum.spec
index 2a246a2c1f47e46dbf0348e82e23f1cce9526a0e..7cecd3cd82e83563da148623c9eceaa426287d69 100644 (file)
--- a/eventum.spec
+++ b/eventum.spec
@@ -85,6 +85,7 @@ Requires:     webserver(indexfile)
 Requires:      webserver(php) >= 4.2.0
 Suggests:      localedb
 Suggests:      php-pear-Net_LDAP2
+Suggests:      webserver(setenv)
 Conflicts:     logrotate < 3.8.0
 BuildArch:     noarch
 BuildRoot:     %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
@@ -738,6 +739,7 @@ done
 %{_appdir}/htdocs/setup
 
 %files doc
+%defattr(644,root,root,755)
 %doc docs/*
 %{_examplesdir}/%{name}-%{version}