firesunCN/BlueLotus_XSSReceiver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Version 3.5.1

Browse Source 
1. 升级PHPMailer至5.2.22
2. 安装后删除无用文件
3. 开启X-Frame-Options,X-Content-Type-Options
4. 修复一系列bug

Todo
修复jqxgrid的一些问题
This commit is contained in:
Firesun
2017-02-18 17:07:32 +08:00
parent c246503ca8
commit e4fa310d38
9 changed files with 115 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
waf.php Normal file
View File

@@ -0,0 +1,7 @@
<?php
header("Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-src 'none'");
header("X-Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-src 'none'");
header("X-WebKit-CSP: default-src 'self'; style-src 'self' 'unsafe-inline';img-src 'self' data:; frame-src 'none'");
header("X-XSS-Protection: 1; mode=block");
header("X-Content-Type-Options: nosniff");
header("X-Frame-Options: DENY");