git.shiar.nl / minimedit.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
page: disallow frame ancestors to prevent clickjacking
[minimedit.git] / page.php
diff --git a/page.php b/page.php
index 12e06900b22d1993f3aa2f0aaa8dd0ffff523a18..3dd8cba7f290facb110232f0bbd2f105f95bdb33 100644 (file)
--- a/page.php
+++ b/page.php
@@ -159,6 +159,8 @@ if ($PageAccess = $Article->restricted) {
 
 # prepare page contents
 
+header("Content-Security-Policy: frame-ancestors 'none'");
+
 ob_start(); # page body
 $Place = [
        'user'  => $User ? $User->login : '',
MinimEdit - databaseless cms with only a bit of php