N°3317 Security hardening

This commit is contained in:
Pierre Goiffon
2020-10-05 14:31:26 +02:00
parent bef1832ac7
commit 1551694198
15 changed files with 23 additions and 30 deletions

View File

@@ -352,7 +352,6 @@ function InteractiveShell($sExpression, $sQueryId, $sFormat, $sFileName, $sMode)
if ($sMode == 'dialog')
{
$oP = new ajax_page('');
$oP->add_header('X-Frame-Options: deny');
$oP->add('<div id="interactive_export_dlg">');
$sExportBtnLabel = json_encode(Dict::S('UI:Button:Export'));
$sJSTitle = json_encode(htmlentities(utils::ReadParam('dialog_title', '', false, 'raw_data'), ENT_QUOTES, 'UTF-8'));
@@ -378,7 +377,6 @@ EOF
else
{
$oP = new iTopWebPage('iTop Export');
$oP->add_header('X-Frame-Options: deny');
$oP->SetBreadCrumbEntry('ui-tool-export', Dict::S('Menu:ExportMenu'), Dict::S('Menu:ExportMenu+'), '', utils::GetAbsoluteUrlAppRoot().'images/wrench.png');
}
@@ -753,7 +751,6 @@ try
else
{
$oP = new ajax_page('iTop export');
$oP->add_header('X-Frame-Options: deny');
$oP->SetContentType($oExporter->GetMimeType());
}
DoExport($oP, $oExporter, false);
@@ -763,7 +760,6 @@ try
catch (BulkExportMissingParameterException $e)
{
$oP = new ajax_page('iTop Export');
$oP->add_header('X-Frame-Options: deny');
$oP->add($e->getMessage());
Usage($oP);
$oP->output();