git.shiar.nl
/
minimedit.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
page: disallow frame ancestors to prevent clickjacking
[minimedit.git]
/
page.php
diff --git
a/page.php
b/page.php
index 12e06900b22d1993f3aa2f0aaa8dd0ffff523a18..3dd8cba7f290facb110232f0bbd2f105f95bdb33 100644
(file)
--- a/
page.php
+++ b/
page.php
@@
-159,6
+159,8
@@
if ($PageAccess = $Article->restricted) {
# prepare page contents
+header("Content-Security-Policy: frame-ancestors 'none'");
+
ob_start(); # page body
$Place = [
'user' => $User ? $User->login : '',