Remediate other vulns

This commit is contained in:
Josh North 2021-08-11 12:52:32 -04:00
parent 215b2d2e65
commit ca6619afcf

View File

@ -82,7 +82,7 @@
$timenow = $timeplus->format('Y-m-d H:i:s'); $timenow = $timeplus->format('Y-m-d H:i:s');
header("X-Frame-Options: SAMEORIGIN"); header("X-Frame-Options: SAMEORIGIN");
header("X-Content-Type-Options: nosniff"); header("X-Content-Type-Options: nosniff");
header("Content-Security-Policy: default-src '*'; script-src '*'"); //header("Content-Security-Policy: default-src '*'; script-src '*'");
//header("Content-Security-Policy: script-src 'self' 'unsafe-inline'; script-src-elem 'self'; script-src-attr 'self'; style-src 'self'; style-src-elem 'self'; style-src-attr 'self'; img-src 'self'; connect-src 'self'; frame-src 'self'; font-src 'self'; media-src 'self'; object-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self'; frame-ancestors 'self'; default-src 'self'", false); //header("Content-Security-Policy: script-src 'self' 'unsafe-inline'; script-src-elem 'self'; script-src-attr 'self'; style-src 'self'; style-src-elem 'self'; style-src-attr 'self'; img-src 'self'; connect-src 'self'; frame-src 'self'; font-src 'self'; media-src 'self'; object-src 'self'; manifest-src 'self'; worker-src 'self'; prefetch-src 'self'; form-action 'self'; frame-ancestors 'self'; default-src 'self'", false);
if (!empty($_GET['a'])) { if (!empty($_GET['a'])) {
echo '<pre>' . print_r($_POST, true) . '</pre>'; echo '<pre>' . print_r($_POST, true) . '</pre>';