public function handleRequest(HTTPRequest $request, DataModel $model = null)
{
try {
$response = parent::handleRequest($request, $model);
} catch (ValidationException $e) {
// Nicer presentation of model-level validation errors
$msgs = _t('LeftAndMain.ValidationError', 'Validation error') . ': ' . $e->getMessage();
$e = new HTTPResponse_Exception($msgs, 403);
$errorResponse = $e->getResponse();
$errorResponse->addHeader('Content-Type', 'text/plain');
$errorResponse->addHeader('X-Status', rawurlencode($msgs));
$e->setResponse($errorResponse);
throw $e;
}
$title = $this->Title();
if (!$response->getHeader('X-Controller')) {
$response->addHeader('X-Controller', $this->class);
}
if (!$response->getHeader('X-Title')) {
$response->addHeader('X-Title', urlencode($title));
}
// Prevent clickjacking, see https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options
$originalResponse = $this->getResponse();
$originalResponse->addHeader('X-Frame-Options', $this->config()->frame_options);
$originalResponse->addHeader('Vary', 'X-Requested-With');
return $response;
}
