diff --git a/login.php b/login.php index 46071699..91884b10 100644 --- a/login.php +++ b/login.php @@ -1,6 +1,5 @@ purify($row['document_content']);
- +

diff --git a/portal/documents.php b/portal/documents.php index 5d950689..e6cfa819 100644 --- a/portal/documents.php +++ b/portal/documents.php @@ -4,7 +4,7 @@ * Docs for PTC / technical contacts */ -header("Content-Security-Policy: default-src 'self' https: fonts.googleapis.com"); +header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); require_once("inc_portal.php"); diff --git a/portal/index.php b/portal/index.php index 78528659..6e1ad752 100644 --- a/portal/index.php +++ b/portal/index.php @@ -4,7 +4,7 @@ * Landing / Home page for the client portal */ -header("Content-Security-Policy: default-src 'self' https: fonts.googleapis.com"); +header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); require_once("inc_portal.php"); diff --git a/portal/invoices.php b/portal/invoices.php index 5b74f2a4..590de567 100644 --- a/portal/invoices.php +++ b/portal/invoices.php @@ -4,7 +4,7 @@ * Invoices for PTC */ -header("Content-Security-Policy: default-src 'self' https: fonts.googleapis.com"); +header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); require_once("inc_portal.php"); diff --git a/portal/login.php b/portal/login.php index 0400159b..f4eae805 100644 --- a/portal/login.php +++ b/portal/login.php @@ -4,9 +4,7 @@ * Landing / Home page for the client portal */ -header("Content-Security-Policy: default-src 'self' https: fonts.googleapis.com"); - -header("X-Frame-Options: DENY"); +header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); $session_company_id = 1; require_once('../config.php'); @@ -162,19 +160,15 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) { + + - - - + diff --git a/portal/login_create.php b/portal/login_create.php deleted file mode 100644 index e69de29b..00000000 diff --git a/portal/login_reset.php b/portal/login_reset.php index ba4ca8de..87b07b47 100644 --- a/portal/login_reset.php +++ b/portal/login_reset.php @@ -4,6 +4,8 @@ * Password reset page */ +header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); + $session_company_id = 1; require_once('../config.php'); require_once('../functions.php'); @@ -274,19 +276,15 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { + + - - - + diff --git a/portal/profile.php b/portal/profile.php index cac8630a..0a938abf 100644 --- a/portal/profile.php +++ b/portal/profile.php @@ -4,7 +4,7 @@ * User profile */ -header("Content-Security-Policy: default-src 'self' https: fonts.googleapis.com"); +header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); require_once('inc_portal.php'); ?> diff --git a/portal/quotes.php b/portal/quotes.php index f89d5f31..3562ad12 100644 --- a/portal/quotes.php +++ b/portal/quotes.php @@ -4,7 +4,7 @@ * Quotes for PTC / billing contacts */ -header("Content-Security-Policy: default-src 'self' https: fonts.googleapis.com"); +header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); require_once("inc_portal.php"); diff --git a/portal/tickets.php b/portal/tickets.php index c207f83b..24b1b92d 100644 --- a/portal/tickets.php +++ b/portal/tickets.php @@ -4,7 +4,7 @@ * Landing / Home page for the client portal */ -header("Content-Security-Policy: default-src 'self' https: fonts.googleapis.com"); +header("Content-Security-Policy: default-src 'self' fonts.googleapis.com fonts.gstatic.com"); require_once("inc_portal.php");