From 4103bc48c08475c69c37dd881497df0c03080cbd Mon Sep 17 00:00:00 2001
From: Floorb <132411956+Neetpone@users.noreply.github.com>
Date: Fri, 20 Aug 2021 16:17:13 -0400
Subject: [PATCH] Fix small reflected XSS
---
 includes/common.php | 4 ++++
 theme/bulma/main.php | 10 +++++-----
 2 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/includes/common.php b/includes/common.php
index e5dbb28..096873d 100644
--- a/includes/common.php
+++ b/includes/common.php
@@ -154,3 +154,7 @@ $current_user = User::current($conn);
 if ($current_user) {
 $noguests = "off";
 }
+
+/* Security headers */
+header('X-Frame-Options: SAMEORIGIN');
+header('X-Content-Type-Options: nosniff');
diff --git a/theme/bulma/main.php b/theme/bulma/main.php
index 8d2e309..86db549 100644
--- a/theme/bulma/main.php
+++ b/theme/bulma/main.php
@@ -185,9 +185,9 @@
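Review bot: In includes/common.php the two `header()` calls sit at the very end of the include, after `User::current($conn)`, so any earlier path in this file that writes output, redirects or exits would send the response without them, or raise a "headers already sent" warning. The rest of the file is outside the hunk, so this needs confirming, but moving the block to the top of the include removes the question. These headers harden against framing and MIME sniffing and do not by themselves stop the reflected XSS named in the subject, so the comment would be clearer as `/* Security headers: anti-framing and MIME-sniffing hardening; XSS is prevented by output escaping in the templates */`. `X-Frame-Options` is also superseded in current browsers by CSP, so consider adding `header("Content-Security-Policy: frame-ancestors 'self'");` alongside it.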

+ value=""> - +

@@ -234,7 +234,7 @@ + placeholder="Paste Or Drop Text File Here.">

File Size: 1000/1000Kb


@@ -250,7 +250,7 @@ data-max-chars="40" type="text" data-item-text="name" data-item-value="name" data-case-sensitive="false" placeholder="10 Tags Maximum" - value=""> + value=""> @@ -353,7 +353,7 @@
+ value="">