diff options
| author | thomascube <thomas@roundcube.net> | 2011-11-23 18:53:58 +0000 |
|---|---|---|
| committer | thomascube <thomas@roundcube.net> | 2011-11-23 18:53:58 +0000 |
| commit | 10e2dbbb9c49f1721b4d740bc102c10c742a7b76 (patch) | |
| tree | 093ff3e39521d3bb266b1b78dc84235a2eaedc7b /program/include/rcube_template.php | |
| parent | d65dd9cbe81031244fd9af047a474bb08f6045ef (diff) | |
Improve clickjacking protection: bust frame or disable all form elements and abort UI initialization
Diffstat (limited to 'program/include/rcube_template.php')
| -rwxr-xr-x | program/include/rcube_template.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/program/include/rcube_template.php b/program/include/rcube_template.php index 1a82f7e6e..ea221767c 100755 --- a/program/include/rcube_template.php +++ b/program/include/rcube_template.php @@ -71,6 +71,7 @@ class rcube_template extends rcube_html_page //$this->framed = $framed; $this->set_env('task', $task); + $this->set_env('x_frame_options', $this->app->config->get('x_frame_options', 'sameorigin')); // load the correct skin (in case user-defined) $this->set_skin($this->config['skin']); |