Easier sending of default headers (customization)

Jakub Vrana 2011-05-31 07:48:10 +02:00
parent 2b9bd6f05d
commit 0f00277b82
4 changed files with 8 additions and 6 deletions


@ -35,11 +35,10 @@ class Adminer {
} }
/** Headers to send before HTML output /** Headers to send before HTML output
* @return null * @return bool true to send security headers
*/ */
function headers() { function headers() {
header("X-Frame-Options: deny"); // ClickJacking protection in IE8, Safari 4, Chrome 2, Firefox 3.6.9 return true;
header("X-XSS-Protection: 0"); // prevents introducing XSS in IE8 by removing safe parts of the page
} }
/** Print HTML code inside <head> /** Print HTML code inside <head>
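Review bot: The new docblock on headers() says only `true to send security headers`, which does not tell someone writing a customization which headers are meant or what happens when the override returns nothing. The header() calls have moved out of this method, so the return value is now the only switch for them. I would spell that out in the docblock, e.g. `* @return bool true to send the default X-Frame-Options and X-XSS-Protection headers; any falsy value, including no return, suppresses them`. The headers() method in the other Adminer class at the end of this page has no docblock at all and could carry the same line.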


@ -9,7 +9,10 @@
function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") { function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
global $LANG, $adminer, $connection, $drivers; global $LANG, $adminer, $connection, $drivers;
header("Content-Type: text/html; charset=utf-8"); header("Content-Type: text/html; charset=utf-8");
$adminer->headers(); if ($adminer->headers()) {
header("X-Frame-Options: deny"); // ClickJacking protection in IE8, Safari 4, Chrome 2, Firefox 3.6.9
header("X-XSS-Protection: 0"); // prevents introducing XSS in IE8 by removing safe parts of the page
}
$title_all = $title . ($title2 != "" ? ": " . h($title2) : ""); $title_all = $title . ($title2 != "" ? ": " . h($title2) : "");
$title_page = strip_tags($title_all . (SERVER != "" && SERVER != "localhost" ? h(" - " . SERVER) : "") . " - " . $adminer->name()); $title_page = strip_tags($title_all . (SERVER != "" && SERVER != "localhost" ? h(" - " . SERVER) : "") . " - " . $adminer->name());
if (is_ajax()) { if (is_ajax()) {
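Review bot: The guard `if ($adminer->headers())` fails open, because an override of headers() written against the previous `@return null` contract (for example one that calls parent::headers() and returns nothing) now evaluates as falsy and silently drops `X-Frame-Options: deny`. Treating only an explicit opt-out as disabling keeps the clickjacking protection on by default: `if ($adminer->headers() !== false) {`. Whether such overrides exist is not visible on this page, so this is a compatibility risk rather than a confirmed regression. page_header() continues past the end of this hunk.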


@ -8,6 +8,7 @@ Autocomplete for big foreign keys (Editor)
Display name of the referenced record in PostgreSQL (Editor) Display name of the referenced record in PostgreSQL (Editor)
Customizable favicon (customization) Customizable favicon (customization)
Method name can return a link (customization) Method name can return a link (customization)
Easier sending of default headers (customization)
Adminer 3.2.2 (released 2011-03-28): Adminer 3.2.2 (released 2011-03-28):
Fix AJAX history after reload Fix AJAX history after reload


@ -27,8 +27,7 @@ class Adminer {
} }
function headers() { function headers() {
header("X-Frame-Options: deny"); return true;
header("X-XSS-Protection: 0");
} }
function head() { function head() {