Security - Add headers for X-Frame-Options and Content-Security-Policy (#7564)

2025-12-30 00:53:50 +00:00 · 2025-10-13 12:03:52 -07:00
parent d199ed6157
commit 8c82c7077b
1 changed files with 4 additions and 0 deletions
--- a/resources/require.php
+++ b/resources/require.php
@@ -88,6 +88,10 @@
 	global $database;
 	$database = database::new(['config' => $config]);

+//security headers
+	header("X-Frame-Options: SAMEORIGIN");
+	header("Content-Security-Policy: frame-ancestors 'self';");
+
 //start the session if not using the command line
 	global $no_session;
 	if (!defined('STDIN') && empty($no_session)) {