composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-13 07:24:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

N°3416 XFrame-Options header is now set using a config parameter, defaults to SAMEORIGIN

Browse Source 
Also adds an indirection (\WebPage::add_xframe_options) to set header
This commit is contained in:
Pierre Goiffon
2020-12-02 16:47:28 +01:00
parent 1cf1473d6b
commit 8bfcb14d0c
12 changed files with 58 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
core/config.class.inc.php
View File

@@ -1249,6 +1249,14 @@ class Config
'source_of_value' => '',
'show_in_conf_sample' => false,
),
'security_header_xframe' => [
'type' => 'string',
'description' => 'Value of the X-Frame-Options HTTP header sent by iTop. Possible values : DENY, SAMEORIGIN, or empty string.',
'default' => 'SAMEORIGIN',
'value' => '',
'source_of_value' => '',
'show_in_conf_sample' => false,
],
);