CSP tweaks again, login uid fix, mild cleanup

2021-08-16 10:42:45 -04:00
parent 125441933c
commit 65a34f5b65
6 changed files with 12 additions and 12 deletions
--- a/changeaccess.php
+++ b/changeaccess.php
@@ -81,8 +81,8 @@
    if ($StaticFunctions->getUserSessionStatus() == true) {                         // CHECK STATUS
        header('Location: index.php');                                          // ELSE HOME
    } else {
-      header("X-Frame-Options: SAMEORIGIN");
-      header("X-Content-Type-Options: nosniff");
+      //header("X-Frame-Options: SAMEORIGIN");
+      //header("X-Content-Type-Options: nosniff");
      //header("Content-Security-Policy: script-src 'self' 'unsafe-inline'; script-src-elem 'self'; script-src-attr 'self'; style-src 'self'; style-src-elem 'self'; style-src-attr 'self'; img-src 'self'; connect-src 'self'; frame-src 'self'; font-src 'self'; media-src 'self'; object-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self'; frame-ancestors 'self'; default-src 'self'", false);
      if (!empty(filter_input(INPUT_GET, 'a', FILTER_SANITIZE_FULL_SPECIAL_CHARS))) {
        //echo '<pre>' . print_r($_POST, true) . '</pre>';