Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

set X-Frame-Options to SAMEORIGIN in admin pages #273 #274

Merged
merged 1 commit into from

2 participants

@tdtds
Owner

とりあえずSAMEORIGIN決め打ちにしたけど、optionを見てもいいかも知れない。

@hsbt
Owner

:100:

@tdtds tdtds merged commit 31dde8b into master
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Mar 26, 2013
  1. @tdtds
This page is out of date. Refresh to see the latest.
Showing with 2 additions and 1 deletion.
  1. +2 −1  tdiary/dispatcher/update_main.rb
View
3  tdiary/dispatcher/update_main.rb
@@ -33,7 +33,8 @@ def run
'Content-Type' => 'text/html',
'charset' => conf.encoding,
'Content-Length' => body.bytesize.to_s,
- 'Vary' => 'User-Agent'
+ 'Vary' => 'User-Agent',
+ 'X-Frame-Options' => 'SAMEORIGIN'
}
end
body = ( request.head? ? '' : body )
Something went wrong with that request. Please try again.