Point808/LobbySIO
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Remediate other vulns

Browse Source
This commit is contained in:
Josh North 2021-08-11 12:49:27 -04:00
parent a82179f59c
commit 9656203f26
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
inc/header.inc.php
View File

@ -82,7 +82,7 @@
$timenow = $timeplus->format('Y-m-d H:i:s'); $timenow = $timeplus->format('Y-m-d H:i:s');
header("X-Frame-Options: SAMEORIGIN"); header("X-Frame-Options: SAMEORIGIN");
header("X-Content-Type-Options: nosniff"); header("X-Content-Type-Options: nosniff");
header("Content-Security-Policy: default-src 'self'; script-src 'self'"); header("Content-Security-Policy: default-src 'unsafe-inline'; script-src 'unsafe-inline'");
//header("Content-Security-Policy: script-src 'self' 'unsafe-inline'; script-src-elem 'self'; script-src-attr 'self'; style-src 'self'; style-src-elem 'self'; style-src-attr 'self'; img-src 'self'; connect-src 'self'; frame-src 'self'; font-src 'self'; media-src 'self'; object-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self'; frame-ancestors 'self'; default-src 'self'", false); //header("Content-Security-Policy: script-src 'self' 'unsafe-inline'; script-src-elem 'self'; script-src-attr 'self'; style-src 'self'; style-src-elem 'self'; style-src-attr 'self'; img-src 'self'; connect-src 'self'; frame-src 'self'; font-src 'self'; media-src 'self'; object-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self'; frame-ancestors 'self'; default-src 'self'", false);
if (!empty($_GET['a'])) { if (!empty($_GET['a'])) {
echo '<pre>' . print_r($_POST, true) . '</pre>'; echo '<pre>' . print_r($_POST, true) . '</pre>';