Point808/LobbySIO
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CSP tweaks again, login uid fix, mild cleanup

Browse Source
This commit is contained in:
Josh North
2021-08-16 10:42:45 -04:00
parent 125441933c
commit 65a34f5b65
6 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
inc/header.inc.php
View File

@@ -84,8 +84,8 @@
$_SESSION['nonceStr'] = base64_encode(random_bytes(32));
$nonceHeader="nonce-".$_SESSION['nonceStr'];
$urlsrc=basename(filter_input(INPUT_SERVER, 'PHP_SELF', FILTER_SANITIZE_URL));
header("X-Frame-Options: SAMEORIGIN");
header("X-Content-Type-Options: nosniff");
//header("X-Frame-Options: SAMEORIGIN");
//header("X-Content-Type-Options: nosniff");
//oldheader("Content-Security-Policy: default-src '$nonceHeader' 'self'; script-src '$nonceHeader' 'self' ; script-src-elem '$nonceHeader' 'self'; script-src-attr '$nonceHeader' 'self'; style-src '$nonceHeader' 'self'; style-src-elem '$nonceHeader' 'self'; style-src-attr '$nonceHeader' 'self'; img-src '$nonceHeader' 'self' data:; connect-src '$nonceHeader' 'self'; frame-src '$nonceHeader' 'self'; font-src '$nonceHeader' 'self'; media-src '$nonceHeader' 'self'; object-src '$nonceHeader' 'self'; manifest-src '$nonceHeader' 'self'; worker-src '$nonceHeader' 'self'; prefetch-src '$nonceHeader' 'self'; form-action '$nonceHeader' 'self'; frame-ancestors '$nonceHeader' 'self'");
header("Content-Security-Policy: default-src '$nonceHeader' 'self'; script-src '$nonceHeader' 'self' ; style-src '$nonceHeader' 'self'; img-src '$nonceHeader' 'self' data:; connect-src '$nonceHeader' 'self'; frame-src '$nonceHeader' 'self'; font-src '$nonceHeader' 'self'; media-src '$nonceHeader' 'self'; object-src '$nonceHeader' 'self'; manifest-src '$nonceHeader' 'self'; worker-src '$nonceHeader' 'self'; prefetch-src '$nonceHeader' 'self'; form-action '$nonceHeader' 'self'; frame-ancestors 'self'");
if (!empty($_GET['a'])) {