Permalink
Browse files

Uses own XSS protection

  • Loading branch information...
1 parent cb153ac commit 0f3a5258017ffa60b90a9b13b323afac77801b87 @vrana committed Oct 20, 2010
Showing with 2 additions and 0 deletions.
  1. +1 −0 adminer/include/adminer.inc.php
  2. +1 −0 editor/include/adminer.inc.php
@@ -37,6 +37,7 @@ function database() {
*/
function headers() {
header("X-Frame-Options: deny"); // ClickJacking protection in IE8, Safari 4, Chrome 2, Firefox NoScript plugin
+ header("X-XSS-Protection: 0"); // prevents introducing XSS in IE8 by removing safe parts of the page
}
/** Print login form
@@ -28,6 +28,7 @@ function database() {
function headers() {
header("X-Frame-Options: deny");
+ header("X-XSS-Protection: 0");
}
function loginForm() {

0 comments on commit 0f3a525

Please sign in to comment.