Skip to content

Commit

Permalink
Add "Content-Security-Policy: frame-ancestors 'self'" to view headers…
Browse files Browse the repository at this point in the history 
… (CO-2705) (#65)
  • Loading branch information
@arlen
arlen authored Dec 20, 2024
1 parent 4db9fd8 commit 1a96837
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 0 deletions.
1 change: 1 addition & 0 deletions app/templates/layout/default.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@
header("Expires: Thursday, 10-Jan-69 00:00:00 GMT");
header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate");
header("Pragma: no-cache");
header("Content-Security-Policy: frame-ancestors 'self'");

// Add X-UA-Compatible header for IE
if(isset($_SERVER['HTTP_USER_AGENT']) && (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false)) {
Expand Down
2 changes: 2 additions & 0 deletions app/templates/layout/error.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,8 @@
* @since 0.10.0
* @license https://opensource.org/licenses/mit-license.php MIT License
*/

header("Content-Security-Policy: frame-ancestors 'self'");
?>
<!DOCTYPE html>
<html>
Expand Down

0 comments on commit 1a96837

Please sign in to comment.