2011-02-17 08:23:13 +00:00
|
|
|
<?php
|
|
|
|
|
|
2011-02-17 20:22:21 +00:00
|
|
|
/** Allow using Adminer inside a frame (disables ClickJacking protection)
|
2015-09-08 16:23:25 +00:00
|
|
|
* @link https://www.adminer.org/plugins/#use
|
2011-02-17 08:23:13 +00:00
|
|
|
* @author Jakub Vrana, http://www.vrana.cz/
|
|
|
|
|
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0
|
|
|
|
|
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU General Public License, version 2 (one or other)
|
|
|
|
|
*/
|
|
|
|
|
class AdminerFrames {
|
2011-08-11 15:06:42 +00:00
|
|
|
/** @access protected */
|
2011-02-17 20:22:21 +00:00
|
|
|
var $sameOrigin;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @param bool allow running from the same origin only
|
|
|
|
|
*/
|
2015-08-15 15:04:21 +00:00
|
|
|
function __construct($sameOrigin = false) {
|
2011-02-17 20:22:21 +00:00
|
|
|
$this->sameOrigin = $sameOrigin;
|
|
|
|
|
}
|
2011-02-17 08:23:13 +00:00
|
|
|
|
|
|
|
|
function headers() {
|
2011-02-17 20:22:21 +00:00
|
|
|
if ($this->sameOrigin) {
|
|
|
|
|
header("X-Frame-Options: SameOrigin");
|
|
|
|
|
}
|
2011-02-17 08:23:13 +00:00
|
|
|
header("X-XSS-Protection: 0");
|
2011-08-03 14:03:42 +00:00
|
|
|
return false;
|
2011-02-17 08:23:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
