Skip to content

Commit

Permalink
Homepage: Use X-Frame-Options header to instruct browsers not to frame
Browse files Browse the repository at this point in the history 
Note that is not guaranteed to work, not all browsers respect this.
  • Loading branch information
@danij-deng
danij-deng committed May 25, 2012
1 parent 1d357cb commit ef7631d
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions web/classes/frontcontroller.class.php
View file
Expand Up @@ -555,6 +555,7 @@ public function outputHeader($mainHeading='')
$siteTitle = "$mainHeading • $siteTitle";

header('Content-type: text/html; charset=utf-8');
header('X-Frame-Options: SAMEORIGIN');

?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
Expand Down

0 comments on commit ef7631d

Please sign in to comment.