Skip to content
Jump to bottom

Add "Content-Security-Policy: frame-ancestors 'self'" to view headers (CO-2705) #158

Merged
merged 1 commit into from May 2, 2024
+3 −0
Merged

Add "Content-Security-Policy: frame-ancestors 'self'" to view headers (CO-2705) #158

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
1 change: 1 addition & 0 deletions app/templates/layout/default.php
View file
Open in desktop
Expand Up @@ -31,6 +31,7 @@
header("Expires: Thursday, 10-Jan-69 00:00:00 GMT");
header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate");
header("Pragma: no-cache");
header("Content-Security-Policy: frame-ancestors 'self'");

// Add X-UA-Compatible header for IE
if(isset($_SERVER['HTTP_USER_AGENT']) && (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false)) {
Expand Down
1 change: 1 addition & 0 deletions app/templates/layout/error.php
View file
Open in desktop
Expand Up @@ -31,6 +31,7 @@
header("Expires: Thursday, 10-Jan-69 00:00:00 GMT");
header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate");
header("Pragma: no-cache");
header("Content-Security-Policy: frame-ancestors 'self'");

// Add X-UA-Compatible header for IE
if(isset($_SERVER['HTTP_USER_AGENT']) && (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false)) {
Expand Down
1 change: 1 addition & 0 deletions app/templates/layout/iframe.php
View file
Open in desktop
Expand Up @@ -31,6 +31,7 @@
header("Expires: Thursday, 10-Jan-69 00:00:00 GMT");
header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate");
header("Pragma: no-cache");
header("Content-Security-Policy: frame-ancestors 'self'");

// Add X-UA-Compatible header for IE
if(isset($_SERVER['HTTP_USER_AGENT']) && (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false)) {
Expand Down