ClickJacking protection

git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@1150 7c3ca157-0c34-0410-bff1-cbf682f78f5c
2009-09-25 15:30:38 +00:00 · 2009-09-25 15:30:38 +00:00 · 7a19c3d649
parent a1609c79ac
commit 7a19c3d649
2 changed files with 2 additions and 0 deletions
--- a/adminer/include/design.inc.php
+++ b/adminer/include/design.inc.php
@ -2,6 +2,7 @@
 function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
 	global $LANG, $VERSION, $adminer;
 	header("Content-Type: text/html; charset=utf-8");
+	header("X-Frame-Options: deny"); // ClickJacking protection in IE8, Safari 4, Chrome 2, NoScript plugin
 	$title_all = $title . (strlen($title2) ? ": " . h($title2) : "");
 	?>
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
--- a/changes.txt
+++ b/changes.txt
@ -3,6 +3,7 @@ Display table links above table structure
 Fix removed default in ALTER
 Display whitespace in texts (bug #2858042)
 Display number of manipulated rows in JS confirm
+ClickJacking protection in modern browsers
 E-mail attachments (Editor)
 Optional year in date (Editor)
 Search operators (Editor)