Changeset 2908:850dbd7afacb
- Timestamp:
- 01/06/15 19:40:17 (9 years ago)
- Branch:
- 2.7
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
inc/admin/lib.dc.page.php
r2907 r2908 92 92 // Prevents Clickjacking as far as possible 93 93 if (isset($options['x-frame-allow'])) { 94 $host = parse_url($options['x-frame-allow'], PHP_URL_HOST); 95 $scheme = parse_url($options['x-frame-allow'], PHP_URL_SCHEME); 96 header(sprintf('X-Frame-Options: %s', ($host !== null)?($scheme.'://'.$host):'SAMEORIGIN')); 94 $url = parse_url($options['x-frame-allow']); 95 header(sprintf('X-Frame-Options: %s', is_array($url)?($url['scheme'].'://'.$url['host']):'SAMEORIGIN')); 97 96 } else { 98 97 header('X-Frame-Options: SAMEORIGIN'); // FF 3.6.9+ Chrome 4.1+ IE 8+ Safari 4+ Opera 10.5+
Note: See TracChangeset
for help on using the changeset viewer.