composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-21 09:38:48 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°4368 Fix CORB blocking regression (#598)

Browse Source 
Don't send X-Content-Type-Options HTTP header for certain WebPage impl to workaround CORB blocking
To disable globally this new behavior introduced in 9865bf07, set the `security.enable_header_xcontent_type_options` config parameter to false

Thanks @Molkobain for the review !
This commit is contained in:
Pierre Goiffon
2024-01-05 10:41:18 +01:00
committed by GitHub
parent 94c604a6af
commit a4f6f6e877
4 changed files with 52 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
application/xmlpage.class.inc.php
View File

@@ -48,6 +48,16 @@ class XMLPage extends WebPage
$this->add_header("Content-location: export.xml");
}
/**
* Disabling sending the header so that resource won't be blocked by CORB. See parent method documentation.
* @return void
* @since 2.7.10 3.0.4 3.1.2 3.2.0 N°4368 method creation
*/
public function add_xcontent_type_options()
{
// Nothing to do !
}
public function output()
{
if (!$this->m_bPassThrough)