Exemple #1
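 /**
  * Send the standard HTTP response headers and mark them as handled.
  *
  * When the global $g_bypass_headers flag is falsy and PHP has not yet sent
  * headers, this calls http_content_headers() and http_caching_headers(),
  * adds "X-Frame-Options: DENY" and an "X-Content-Security-Policy" header,
  * then calls http_custom_headers(). The flag is set to true on every call,
  * so a later call that sees the flag sends nothing.
  *
  * @param mixed $p_event Not used by this function.
  * @return void
  */
 function setupHeaders($p_event)
 {
     global $g_bypass_headers;
     if (!$g_bypass_headers && !headers_sent()) {
         http_content_headers();
         http_caching_headers();
         // Refuse to be rendered inside any frame (clickjacking defence).
         header('X-Frame-Options: DENY');
         $t_avatar_img_allow = '';
         if (config_get_global('show_avatar')) {
             // REQUEST_SCHEME is not populated by every web server/SAPI. Reading it
             // unguarded raises a notice/warning; if errors are displayed, that output
             // lands before the remaining header() calls below. A missing key is
             // treated as plain http, which is what the unguarded comparison did.
             $t_is_https = isset($_SERVER['REQUEST_SCHEME']) && $_SERVER['REQUEST_SCHEME'] === 'https';
             if ($t_is_https) {
                 $t_avatar_img_allow = "; img-src 'self' https://secure.gravatar.com:443";
             } else {
                 $t_avatar_img_allow = "; img-src 'self' http://www.gravatar.com:80";
             }
         }
         // NOTE(review): X-Content-Security-Policy is the old vendor-prefixed header
         // with pre-standard syntax ("allow", "options inline-script eval-script").
         // Current browsers enforce only the unprefixed Content-Security-Policy
         // header, so confirm this still gives any protection on supported browsers.
         // NOTE(review): the value permits inline and eval'd script, which removes
         // most of the XSS mitigation a CSP normally gives.
         // NOTE(review): with avatars enabled img-src appears twice ("img-src *"
         // first); the gravatar-only list probably has no effect - verify.
         header("X-Content-Security-Policy: allow 'self'; img-src *; options inline-script eval-script{$t_avatar_img_allow}; frame-ancestors 'none'");
         http_custom_headers();
     }
     // Set unconditionally so subsequent calls skip the header block.
     $g_bypass_headers = true;
 }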
Exemple #2
/**
 * Emit every HTTP header a regular page load needs.
 *
 * Nothing is sent when the global $g_bypass_headers flag is truthy or when
 * PHP reports that headers have already gone out. Otherwise the content,
 * caching, security and custom header helpers are called, in that order.
 * The security headers themselves are set inside http_security_headers().
 *
 * @return void
 */
function http_all_headers()
{
    global $g_bypass_headers;

    // Guard: headers are bypassed, or it is too late to send any.
    if ($g_bypass_headers || headers_sent()) {
        return;
    }

    http_content_headers();
    http_caching_headers();
    http_security_headers();
    http_custom_headers();
}