Merge remote-tracking branch 'origin/master' into php8
This commit is contained in:
commit
05e236ed6c
@ -341,7 +341,10 @@ class Controller
|
|||||||
header('Content-Security-Policy: ' . $this->_conf->getKey('cspheader'));
|
header('Content-Security-Policy: ' . $this->_conf->getKey('cspheader'));
|
||||||
header('Cross-Origin-Resource-Policy: same-origin');
|
header('Cross-Origin-Resource-Policy: same-origin');
|
||||||
header('Cross-Origin-Embedder-Policy: require-corp');
|
header('Cross-Origin-Embedder-Policy: require-corp');
|
||||||
header('Cross-Origin-Opener-Policy: same-origin');
|
// disabled, because it prevents links from a paste to the same site to
|
||||||
|
// be opened. Didn't work with `same-origin-allow-popups` either.
|
||||||
|
// See issue https://github.com/PrivateBin/PrivateBin/issues/970 for details.
|
||||||
|
// header('Cross-Origin-Opener-Policy: same-origin');
|
||||||
header('Permissions-Policy: browsing-topics=()');
|
header('Permissions-Policy: browsing-topics=()');
|
||||||
header('Referrer-Policy: no-referrer');
|
header('Referrer-Policy: no-referrer');
|
||||||
header('X-Content-Type-Options: nosniff');
|
header('X-Content-Type-Options: nosniff');
|
||||||
|
Loading…
Reference in New Issue
Block a user