AS1024
/
Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow public board iframe inclusion (see #309)

This commit is contained in:
Frédéric Guillot 2014-10-07 19:35:02 -04:00
parent f63984af1a
commit f9e4915d75
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/Controller/Base.php
View File

@ -116,7 +116,11 @@ abstract class Base
$this->response->csp(array('style-src' => "'self' 'unsafe-inline'"));
$this->response->nosniff();
$this->response->xss();
$this->response->xframe();
// Allow the public board iframe inclusion
if ($action !== 'readonly') {
$this->response->xframe();
}
if (ENABLE_HSTS) {
$this->response->hsts();