From 10e2dbbb9c49f1721b4d740bc102c10c742a7b76 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Wed, 23 Nov 2011 18:53:58 +0000
Subject: Improve clickjacking protection: bust frame or disable all form
 elements and abort UI initialization

---
 program/include/rcube_template.php | 1 +
 1 file changed, 1 insertion(+)

(limited to 'program/include/rcube_template.php')

diff --git a/program/include/rcube_template.php b/program/include/rcube_template.php
index 1a82f7e6e..ea221767c 100755
--- a/program/include/rcube_template.php
+++ b/program/include/rcube_template.php
@@ -71,6 +71,7 @@ class rcube_template extends rcube_html_page
 
         //$this->framed = $framed;
         $this->set_env('task', $task);
+        $this->set_env('x_frame_options', $this->app->config->get('x_frame_options', 'sameorigin'));
 
         // load the correct skin (in case user-defined)
         $this->set_skin($this->config['skin']);
-- 
cgit v1.2.3