Skip to content

Commit

Permalink
Add "Content-Security-Policy: frame-ancestors 'self'" to view headers…
Browse files Browse the repository at this point in the history 
… (CO-2705) (COmanage#158)
  • Loading branch information
@arlen
arlen committed May 3, 2024
1 parent 4e06287 commit 730e444
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 0 deletions.
1 change: 1 addition & 0 deletions app/templates/layout/default.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@
header("Expires: Thursday, 10-Jan-69 00:00:00 GMT");
header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate");
header("Pragma: no-cache");
header("Content-Security-Policy: frame-ancestors 'self'");

// Add X-UA-Compatible header for IE
if(isset($_SERVER['HTTP_USER_AGENT']) && (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false)) {
Expand Down
1 change: 1 addition & 0 deletions app/templates/layout/error.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@
header("Expires: Thursday, 10-Jan-69 00:00:00 GMT");
header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate");
header("Pragma: no-cache");
header("Content-Security-Policy: frame-ancestors 'self'");

// Add X-UA-Compatible header for IE
if(isset($_SERVER['HTTP_USER_AGENT']) && (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false)) {
Expand Down
1 change: 1 addition & 0 deletions app/templates/layout/iframe.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@
header("Expires: Thursday, 10-Jan-69 00:00:00 GMT");
header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate");
header("Pragma: no-cache");
header("Content-Security-Policy: frame-ancestors 'self'");

// Add X-UA-Compatible header for IE
if(isset($_SERVER['HTTP_USER_AGENT']) && (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false)) {
Expand Down

0 comments on commit 730e444

Please sign in to comment.