issue: Prevent Click Jacking
This addresses a vulnerability where there was no `X-Frame-Options` header which could potentially allow click jacking. This adds the `X-Frame-Options: SAMEORIGIN` header so it will remove any chance of click jacking. According to Mozilla Developer Docs: ``` SAMEORIGIN The page can only be displayed in a frame on the same origin as the page itself. ```
Showing
- include/client/header.inc.php 1 addition, 0 deletionsinclude/client/header.inc.php
- include/staff/header.inc.php 1 addition, 0 deletionsinclude/staff/header.inc.php
- include/staff/login.header.php 1 addition, 0 deletionsinclude/staff/login.header.php
- setup/inc/header.inc.php 1 addition, 0 deletionssetup/inc/header.inc.php
Loading
Please register or sign in to comment