Easier sending of default headers (customization)
parent
2b9bd6f05d
commit
0f00277b82
|
@ -35,11 +35,10 @@ class Adminer {
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Headers to send before HTML output
|
/** Headers to send before HTML output
|
||||||
* @return null
|
* @return bool true to send security headers
|
||||||
*/
|
*/
|
||||||
function headers() {
|
function headers() {
|
||||||
header("X-Frame-Options: deny"); // ClickJacking protection in IE8, Safari 4, Chrome 2, Firefox 3.6.9
|
return true;
|
||||||
header("X-XSS-Protection: 0"); // prevents introducing XSS in IE8 by removing safe parts of the page
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Print HTML code inside <head>
|
/** Print HTML code inside <head>
|
||||||
|
|
|
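Review bot: The updated docblock `@return bool true to send security headers` does not say which headers are meant or what happens when an override returns nothing, and the caller in page_header() only tests the result for truthiness. Because this method is a customization point, I would spell the contract out, e.g. `* @return bool true to send the default X-Frame-Options and X-XSS-Protection headers; a falsy or missing return value skips them`. The second `headers()` shown further down (hunk `@ -27,8 +27,7`) has no docblock at all and would benefit from the same line.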
@ -9,7 +9,10 @@
|
||||||
function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
|
function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
|
||||||
global $LANG, $adminer, $connection, $drivers;
|
global $LANG, $adminer, $connection, $drivers;
|
||||||
header("Content-Type: text/html; charset=utf-8");
|
header("Content-Type: text/html; charset=utf-8");
|
||||||
$adminer->headers();
|
if ($adminer->headers()) {
|
||||||
|
header("X-Frame-Options: deny"); // ClickJacking protection in IE8, Safari 4, Chrome 2, Firefox 3.6.9
|
||||||
|
header("X-XSS-Protection: 0"); // prevents introducing XSS in IE8 by removing safe parts of the page
|
||||||
|
}
|
||||||
$title_all = $title . ($title2 != "" ? ": " . h($title2) : "");
|
$title_all = $title . ($title2 != "" ? ": " . h($title2) : "");
|
||||||
$title_page = strip_tags($title_all . (SERVER != "" && SERVER != "localhost" ? h(" - " . SERVER) : "") . " - " . $adminer->name());
|
$title_page = strip_tags($title_all . (SERVER != "" && SERVER != "localhost" ? h(" - " . SERVER) : "") . " - " . $adminer->name());
|
||||||
if (is_ajax()) {
|
if (is_ajax()) {
|
||||||
|
|
|
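Review bot: The new guard `if ($adminer->headers()) {` in page_header() fails open. An override written against the old `@return null` contract, for instance one that calls the parent and then adds its own headers, returns nothing, so `X-Frame-Options: deny` and `X-XSS-Protection: 0` are silently no longer sent for that customization. Skipping the defaults only on an explicit opt-out keeps the clickjacking header on by default: `if ($adminer->headers() !== false) {`. page_header() continues past the end of this hunk, so anything later that depends on these headers is not visible here.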
@ -8,6 +8,7 @@ Autocomplete for big foreign keys (Editor)
|
||||||
Display name of the referenced record in PostgreSQL (Editor)
|
Display name of the referenced record in PostgreSQL (Editor)
|
||||||
Customizable favicon (customization)
|
Customizable favicon (customization)
|
||||||
Method name can return a link (customization)
|
Method name can return a link (customization)
|
||||||
|
Easier sending of default headers (customization)
|
||||||
|
|
||||||
Adminer 3.2.2 (released 2011-03-28):
|
Adminer 3.2.2 (released 2011-03-28):
|
||||||
Fix AJAX history after reload
|
Fix AJAX history after reload
|
||||||
|
|
|
@ -27,8 +27,7 @@ class Adminer {
|
||||||
}
|
}
|
||||||
|
|
||||||
function headers() {
|
function headers() {
|
||||||
header("X-Frame-Options: deny");
|
return true;
|
||||||
header("X-XSS-Protection: 0");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function head() {
|
function head() {
|
||||||
|
|