Skip to content

Commit 6e14811

Browse files
freddenfredden
authored
Send Content-Security-Policy headers in setup/ app (#17751)
This pull request adds Content-Security-Policy and other security-related headers to the setup/ application, as requested in #12359. Fixes #12359 Signed-off-by: Dan Wallis <mrdanwallis@gmail.com>
1 parent 0cc774d commit 6e14811

1 file changed

Lines changed: 4 additions & 0 deletions

File tree

setup/index.php

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@
1010
use PhpMyAdmin\Controllers\Setup\HomeController;
1111
use PhpMyAdmin\Controllers\Setup\ServersController;
1212
use PhpMyAdmin\Core;
13+
use PhpMyAdmin\Header;
1314
use PhpMyAdmin\Template;
1415
use PhpMyAdmin\Url;
1516

@@ -36,6 +37,9 @@
3637

3738
Core::noCacheHeader();
3839

40+
// Sent security-related headers
41+
(new Header())->sendHttpHeaders();
42+
3943
if ($page === 'form') {
4044
echo (new FormController($GLOBALS['ConfigFile'], new Template()))([
4145
'formset' => $_GET['formset'] ?? null,

0 commit comments

Comments
 (0)