Uses own XSS protection
This commit is contained in:
parent
cb153ac0d1
commit
0f3a525801
|
@ -37,6 +37,7 @@ class Adminer {
|
|||
*/
|
||||
function headers() {
|
||||
header("X-Frame-Options: deny"); // ClickJacking protection in IE8, Safari 4, Chrome 2, Firefox NoScript plugin
|
||||
header("X-XSS-Protection: 0"); // prevents introducing XSS in IE8 by removing safe parts of the page
|
||||
}
|
||||
|
||||
/** Print login form
|
||||
|
|
|
@ -28,6 +28,7 @@ class Adminer {
|
|||
|
||||
function headers() {
|
||||
header("X-Frame-Options: deny");
|
||||
header("X-XSS-Protection: 0");
|
||||
}
|
||||
|
||||
function loginForm() {
|
||||
|
|
Loading…
Reference in a new issue