marek/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

add X-Frame-Options to console headers

Browse Source
This commit is contained in:
zzz
2012-05-13 13:05:17 +00:00
parent fc5e30e6ae
commit 3685bf04d0
14 changed files with 37 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
apps/routerconsole/jsp/css.jsi
View File

@@ -29,6 +29,10 @@
<jsp:useBean class="net.i2p.router.web.CSSHelper" id="intl" scope="request" />
<jsp:setProperty name="intl" property="contextId" value="<%=(String)session.getAttribute(\"i2p.contextId\")%>" />
<%
// clickjacking
if (intl.shouldSendXFrame())
response.setHeader("X-Frame-Options", "SAMEORIGIN");
String conNonceParam = request.getParameter("consoleNonce");
if (conNonceParam != null && conNonceParam.equals(System.getProperty("router.consoleNonce"))) {
intl.setLang(request.getParameter("lang"));