danwin1210/onion-link-list
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Align X-Frame-Options with CSP

Browse Source
This commit is contained in:
Daniel Winzen
2020-10-17 11:24:44 +02:00
parent 83eb89830c
commit cbb8d144f0
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
common_config.php
View File

@ -123,7 +123,7 @@ function send_headers(array $styles = []){
}
header("Content-Security-Policy: base-uri 'self'; default-src 'none'; form-action 'self'; frame-ancestors 'none'; img-src data:; style-src $style_hashes");
header('X-Content-Type-Options: nosniff');
header('X-Frame-Options: sameorigin');
header('X-Frame-Options: deny');
header('X-XSS-Protection: 1; mode=block');
if($_SERVER['REQUEST_METHOD'] === 'HEAD'){
exit; // headers sent, no further processing needed