Using inlineScript instead for clickjacking check
This commit is contained in:
parent
b03c7a383f
commit
8d59f7cc9d
|
@ -259,8 +259,7 @@ class Action extends HTMLOutputter // lawsuit
|
||||||
$this->script('util.js');
|
$this->script('util.js');
|
||||||
$this->script('geometa.js');
|
$this->script('geometa.js');
|
||||||
// Frame-busting code to avoid clickjacking attacks.
|
// Frame-busting code to avoid clickjacking attacks.
|
||||||
$this->element('script', array('type' => 'text/javascript'),
|
$this->inlineScript('if (window.top !== window.self) { window.top.location.href = window.self.location.href; }');
|
||||||
'if (window.top !== window.self) { window.top.location.href = window.self.location.href; }');
|
|
||||||
Event::handle('EndShowStatusNetScripts', array($this));
|
Event::handle('EndShowStatusNetScripts', array($this));
|
||||||
Event::handle('EndShowLaconicaScripts', array($this));
|
Event::handle('EndShowLaconicaScripts', array($this));
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user