mirror of
https://github.com/postfixadmin/postfixadmin.git
synced 2024-09-19 19:22:14 +02:00
avoid a clickjacking attack reported on huntr.dev by @ranjit-git
This commit is contained in:
parent
feb5cbc7f3
commit
64e98fcf97
@ -27,6 +27,9 @@ if (!defined('POSTFIXADMIN')) { # already defined if called from setup.php
|
||||
if (empty($_SESSION['flash'])) {
|
||||
$_SESSION['flash'] = array();
|
||||
}
|
||||
|
||||
// avoid clickjacking attacks?
|
||||
header('X-Frame-Options: DENY');
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user