Adds option to allow media on selected pages
parent
b7e10363d0
commit
3953546ace
|
|
@ -12,6 +12,16 @@
|
||||||
* - Permissions-Policy: Control browser features
|
* - Permissions-Policy: Control browser features
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
// Get current page
|
||||||
|
$current_page = $_GET['page'] ?? 'dashboard';
|
||||||
|
|
||||||
|
// Define pages that need media access
|
||||||
|
$media_enabled_pages = [
|
||||||
|
// 'conference' => ['camera', 'microphone'],
|
||||||
|
// 'call' => ['microphone'],
|
||||||
|
// Add more pages and their required permissions as needed
|
||||||
|
];
|
||||||
|
|
||||||
// Strict Transport Security (HSTS)
|
// Strict Transport Security (HSTS)
|
||||||
// Only enable if HTTPS is properly configured
|
// Only enable if HTTPS is properly configured
|
||||||
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') {
|
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') {
|
||||||
|
|
@ -45,8 +55,6 @@ header('Referrer-Policy: strict-origin-when-cross-origin');
|
||||||
// Permissions-Policy
|
// Permissions-Policy
|
||||||
$permissions = [
|
$permissions = [
|
||||||
'geolocation=()',
|
'geolocation=()',
|
||||||
'microphone=()',
|
|
||||||
'camera=()',
|
|
||||||
'payment=()',
|
'payment=()',
|
||||||
'usb=()',
|
'usb=()',
|
||||||
'accelerometer=()',
|
'accelerometer=()',
|
||||||
|
|
@ -59,13 +67,32 @@ $permissions = [
|
||||||
'sync-xhr=(self)',
|
'sync-xhr=(self)',
|
||||||
'usb=()'
|
'usb=()'
|
||||||
];
|
];
|
||||||
|
|
||||||
|
// Add camera/microphone permissions based on current page
|
||||||
|
$camera_allowed = false;
|
||||||
|
$microphone_allowed = false;
|
||||||
|
|
||||||
|
if (isset($media_enabled_pages[$current_page])) {
|
||||||
|
$allowed_media = $media_enabled_pages[$current_page];
|
||||||
|
if (in_array('camera', $allowed_media)) {
|
||||||
|
$camera_allowed = true;
|
||||||
|
}
|
||||||
|
if (in_array('microphone', $allowed_media)) {
|
||||||
|
$microphone_allowed = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Add media permissions
|
||||||
|
$permissions[] = $camera_allowed ? 'camera=(self)' : 'camera=()';
|
||||||
|
$permissions[] = $microphone_allowed ? 'microphone=(self)' : 'microphone=()';
|
||||||
|
|
||||||
header('Permissions-Policy: ' . implode(', ', $permissions));
|
header('Permissions-Policy: ' . implode(', ', $permissions));
|
||||||
|
|
||||||
// Clear PHP version
|
// Clear PHP version
|
||||||
header_remove('X-Powered-By');
|
header_remove('X-Powered-By');
|
||||||
|
|
||||||
// Prevent caching of sensitive pages
|
// Prevent caching of sensitive pages
|
||||||
if (in_array($_GET['page'] ?? '', ['login', 'register', 'profile', 'security'])) {
|
if (in_array($current_page, ['login', 'register', 'profile', 'security'])) {
|
||||||
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
|
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
|
||||||
header('Pragma: no-cache');
|
header('Pragma: no-cache');
|
||||||
header('Expires: ' . gmdate('D, d M Y H:i:s', time() - 3600) . ' GMT');
|
header('Expires: ' . gmdate('D, d M Y H:i:s', time() - 3600) . ' GMT');
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue