set some security flags recommended by the Mozilla Observatory

[authserver.git] / index.php

diff --git a/index.php b/index.php
index 76e11d28fa6f47e4734fc1ebc2a5c74cab5a3b53..cfe66ec2669589a1b138e1b8a2cdcb33e29c1fb5 100644 (file)
--- a/index.php
+++ b/index.php
@@ -18,6 +18,7 @@ $title->appendText('KaiRo.at Authentication Server');
 $h1 = $body->appendElement('h1', 'KaiRo.at Authentication Server');
 
 $errors = $utils->checkForSecureConnection();
+$utils->sendSecurityHeaders();
 
 $para = $body->appendElement('p', _('This login system does not work without JavaScript. Please activate JavaScript for this site to log in.'));
 $para->setAttribute('id', 'jswarning');