diff options
| author | Derky <derky@phpbb.com> | 2019-07-30 07:34:13 +0200 |
|---|---|---|
| committer | Derky <derky@phpbb.com> | 2019-07-30 07:34:13 +0200 |
| commit | 6ada02b0606061672eb3989a7a1bdab39d3c61ce (patch) | |
| tree | 5ddf6eb6861f257f9b0b0556369bb6c5b3828139 | |
| parent | a02524e7fcf26f380889d541255f4738e3eabe76 (diff) | |
| parent | 30f8e5d638dd7f6d321c152b0eeea6ddf5ed361c (diff) | |
| download | forums-6ada02b0606061672eb3989a7a1bdab39d3c61ce.tar forums-6ada02b0606061672eb3989a7a1bdab39d3c61ce.tar.gz forums-6ada02b0606061672eb3989a7a1bdab39d3c61ce.tar.bz2 forums-6ada02b0606061672eb3989a7a1bdab39d3c61ce.tar.xz forums-6ada02b0606061672eb3989a7a1bdab39d3c61ce.zip | |
Merge pull request #5628 from marc1706/ticket/16101
[ticket/16101] Add Referrer-Policy header to phpBB's headers
| -rw-r--r-- | phpBB/includes/functions.php | 3 | ||||
| -rw-r--r-- | phpBB/includes/functions_acp.php | 3 |
2 files changed, 4 insertions, 2 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 47c4197d96..605afda0bd 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -4591,12 +4591,13 @@ function page_header($page_title = '', $display_online_list = false, $item_id = if ($send_headers) { - // An array of http headers that phpbb will set. The following event may override these. + // An array of http headers that phpBB will set. The following event may override these. $http_headers += array( // application/xhtml+xml not used because of IE 'Content-type' => 'text/html; charset=UTF-8', 'Cache-Control' => 'private, no-cache="set-cookie"', 'Expires' => gmdate('D, d M Y H:i:s', time()) . ' GMT', + 'Referrer-Policy' => 'strict-origin-when-cross-origin', ); if (!empty($user->data['is_bot'])) { diff --git a/phpBB/includes/functions_acp.php b/phpBB/includes/functions_acp.php index dd326c3db6..a2014a7d5b 100644 --- a/phpBB/includes/functions_acp.php +++ b/phpBB/includes/functions_acp.php @@ -112,12 +112,13 @@ function adm_page_header($page_title) 'CONTAINER_EXCEPTION' => $phpbb_container->hasParameter('container_exception') ? $phpbb_container->getParameter('container_exception') : false, )); - // An array of http headers that phpbb will set. The following event may override these. + // An array of http headers that phpBB will set. The following event may override these. $http_headers = array( // application/xhtml+xml not used because of IE 'Content-type' => 'text/html; charset=UTF-8', 'Cache-Control' => 'private, no-cache="set-cookie"', 'Expires' => gmdate('D, d M Y H:i:s', time()) . ' GMT', + 'Referrer-Policy' => 'strict-origin-when-cross-origin', ); /** |