global $adminer;
header("Content-Type: text/html; charset=utf-8");
header("Cache-Control: no-cache");
- if ($adminer->headers()) {
- header("X-Frame-Options: deny"); // ClickJacking protection in IE8, Safari 4, Chrome 2, Firefox 3.6.9
- header("X-XSS-Protection: 0"); // prevents introducing XSS in IE8 by removing safe parts of the page
- header("X-Content-Type-Options: nosniff");
- header("Referrer-Policy: origin-when-cross-origin");
- }
+ header("X-Frame-Options: deny"); // ClickJacking protection in IE8, Safari 4, Chrome 2, Firefox 3.6.9
+ header("X-XSS-Protection: 0"); // prevents introducing XSS in IE8 by removing safe parts of the page
+ header("X-Content-Type-Options: nosniff");
+ header("Referrer-Policy: origin-when-cross-origin");
+ $adminer->headers();
}
/** Print flash and error messages
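Review bot: `$adminer->headers()` on the last added line now runs after the four default headers and its return value is discarded, but nothing in the new code says so. Since `header()` replaces an earlier header of the same name, a customization can still overwrite or remove any of these defaults. One that used to return a falsy value to suppress them will now have them sent anyway. I would add a comment above the call, such as `// runs after the defaults so a customization can override or remove them; the return value is ignored`, and update the docblock of `headers()` to match (it is not visible here, and presumably still documents a boolean return). The enclosing function starts before this hunk.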
Editor: Don't set time zone from PHP, fixes DST
Editor: Display field comment's text inside [] only in edit form
Editor: Fix doubleclick on database page
+Customization: Always send security headers
Hebrew translation
Adminer 4.3.1 (released 2017-04-14):
function headers() {
if ($this->sameOrigin) {
header("X-Frame-Options: SameOrigin");
+ } elseif (function_exists('header_remove')) {
+ header_remove("X-Frame-Options");
}
- header("X-XSS-Protection: 0");
- header("X-Content-Type-Options: nosniff");
- header("Referrer-Policy: origin-when-cross-origin");
- return false;
}
}
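Review bot: The new `elseif` branch removes `X-Frame-Options` entirely, so with `sameOrigin` off the page can be framed by any origin, and the code does not state this trade-off. On a PHP build without `header_remove` the branch is skipped silently, presumably leaving the core's `deny` header in place and the plugin without effect. I would document both cases above the branch, for example `// sameOrigin off: drop the default deny header, which permits framing from any site (no-op where header_remove() is unavailable)`. The method also no longer returns a value, which is fine only as long as no caller reads it; the core call shown earlier on this page discards it.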