How can I add custom HTML header (Public-Key-Pins)?
-
Hi All,
for security reasons I'd like to pin the public key of my Web GUI certificates using the "Public-Key-Pins" header that most current browsers understand. How can I achieve that?
Header: Public-Key-Pins
Content: pin-sha256="1234567890123456789012345678901234567890123="; max-age=5184000; includeSubdomains -
Edit the source, add it around here:
https://github.com/pfsense/pfsense/blob/RELENG_2_2/usr/local/www/guiconfig.inc#L55