Skip to content

Commit

Permalink
Merged #166 "Fix XRF vulnerability"
Browse files Browse the repository at this point in the history
  • Loading branch information
@gitblit
gitblit committed Sep 5, 2014
2 parents fcfcd84 + 71647a6 commit 30dc4e4
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions src/main/java/com/gitblit/wicket/pages/BasePage.java
View file
Expand Up @@ -166,6 +166,9 @@ protected void setHeaders(WebResponse response) {
// use default Wicket caching behavior
super.setHeaders(response);
}

// XRF vulnerability. issue-500 / ticket-166
response.setHeader("X-Frame-Options", "SAMEORIGIN");
}

/**
Expand Down

0 comments on commit 30dc4e4

Please sign in to comment.