CSP tweaks again, login uid fix, mild cleanup

2021-08-16 10:42:45 -04:00
parent 125441933c
commit 65a34f5b65
6 changed files with 12 additions and 12 deletions
--- a/index.php
+++ b/index.php
@@ -82,8 +82,8 @@
    $app_current_pageicon = '<i class="fas fa-home"></i> ';
    require_once("inc/header.inc.php");
    $urlsrc=basename(filter_input(INPUT_SERVER, 'PHP_SELF', FILTER_SANITIZE_URL));
-      header("X-Frame-Options: SAMEORIGIN");
-      header("X-Content-Type-Options: nosniff");
+      //header("X-Frame-Options: SAMEORIGIN");
+      //header("X-Content-Type-Options: nosniff");
      //header("Content-Security-Policy: script-src 'self' 'unsafe-inline'; script-src-elem 'self'; script-src-attr 'self'; style-src 'self'; style-src-elem 'self'; style-src-attr 'self'; img-src 'self'; connect-src 'self'; frame-src 'self'; font-src 'self'; media-src 'self'; object-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self'; frame-ancestors 'self'; default-src 'self'", false);
      if (!empty($_GET['a'])) {
        echo '<pre>' . print_r($_POST, true) . '</pre>';