Changeset 3490:70d5dbada713 for inc

Timestamp:

01/02/17 17:02:35 (9 years ago)

Author:

franck <carnet.franck.paul@…>

Branch:

default

Message:

Fix x-frame-options URL (specially on localhost)

File:

inc/admin/lib.dc.page.php

-                      r3460
+                      r3490
                return;
+          }
           if ($origin !== null) {
                $url = parse_url($origin);
                $headers['x-frame-options'] = sprintf('X-Frame-Options: %s',is_array($url) ?
+               $headers['x-frame-options'] = sprintf('X-Frame-Options: %s',is_array($url) && isset($url['host']) ?
                     ("ALLOW-FROM ".(isset($url['scheme']) ? $url['scheme'].':' : '' ).'//'.$url['host']) :
                     'SAMEORIGIN');

Note: See TracChangeset for help on using the changeset viewer.