Easier sending of default headers (customization)
This commit is contained in:
parent
2b9bd6f05d
commit
0f00277b82
|
@ -35,11 +35,10 @@ class Adminer {
|
|||
}
|
||||
|
||||
/** Headers to send before HTML output
|
||||
* @return null
|
||||
* @return bool true to send security headers
|
||||
*/
|
||||
function headers() {
|
||||
header("X-Frame-Options: deny"); // ClickJacking protection in IE8, Safari 4, Chrome 2, Firefox 3.6.9
|
||||
header("X-XSS-Protection: 0"); // prevents introducing XSS in IE8 by removing safe parts of the page
|
||||
return true;
|
||||
}
|
||||
|
||||
/** Print HTML code inside <head>
|
||||
|
|
|
@ -9,7 +9,10 @@
|
|||
function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
|
||||
global $LANG, $adminer, $connection, $drivers;
|
||||
header("Content-Type: text/html; charset=utf-8");
|
||||
$adminer->headers();
|
||||
if ($adminer->headers()) {
|
||||
header("X-Frame-Options: deny"); // ClickJacking protection in IE8, Safari 4, Chrome 2, Firefox 3.6.9
|
||||
header("X-XSS-Protection: 0"); // prevents introducing XSS in IE8 by removing safe parts of the page
|
||||
}
|
||||
$title_all = $title . ($title2 != "" ? ": " . h($title2) : "");
|
||||
$title_page = strip_tags($title_all . (SERVER != "" && SERVER != "localhost" ? h(" - " . SERVER) : "") . " - " . $adminer->name());
|
||||
if (is_ajax()) {
|
||||
|
|
|
@ -8,6 +8,7 @@ Autocomplete for big foreign keys (Editor)
|
|||
Display name of the referenced record in PostgreSQL (Editor)
|
||||
Customizable favicon (customization)
|
||||
Method name can return a link (customization)
|
||||
Easier sending of default headers (customization)
|
||||
|
||||
Adminer 3.2.2 (released 2011-03-28):
|
||||
Fix AJAX history after reload
|
||||
|
|
|
@ -27,8 +27,7 @@ class Adminer {
|
|||
}
|
||||
|
||||
function headers() {
|
||||
header("X-Frame-Options: deny");
|
||||
header("X-XSS-Protection: 0");
|
||||
return true;
|
||||
}
|
||||
|
||||
function head() {
|
||||
|
|
Loading…
Reference in a new issue