introducing CSP header to mitigate XSS attacks, closes #10

El RIDO 2016-08-09 14:46:32 +02:00
parent a28aebae7d
commit addb666a23
11 changed files with 75 additions and 18 deletions


@ -402,6 +402,7 @@ class PrivateBin
header('Expires: ' . $time);
header('Last-Modified: ' . $time);
header('Vary: Accept');
header('Content-Security-Policy: ' . $this->_conf->getKey('cspheader'));
// label all the expiration options
$expire = array();