Browse files

Support SameOrigin

  • Loading branch information...
1 parent 5677bc4 commit 3e94e9d5f96195af3b71e1c9d2fff1f4f01a65de @vrana committed Feb 17, 2011
Showing with 13 additions and 1 deletion.
  1. +13 −1 plugins/frames.php
View
14 plugins/frames.php
@@ -1,14 +1,26 @@
<?php
-/** Allow using Adminer inside a frame
+/** Allow using Adminer inside a frame (disables ClickJacking protection)
* @author Jakub Vrana, http://www.vrana.cz/
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU General Public License, version 2 (one or other)
*/
class AdminerFrames {
+ var $sameOrigin;
+
+ /**
+ * @param bool allow running from the same origin only
+ */
+ function AdminerFrames($sameOrigin = false) {
+ $this->sameOrigin = $sameOrigin;
+ }
function headers() {
+ if ($this->sameOrigin) {
+ header("X-Frame-Options: SameOrigin");
+ }
header("X-XSS-Protection: 0");
+ return true;
}
}

0 comments on commit 3e94e9d

Please sign in to comment.