mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-05 14:04:57 +02:00
Code Issues Releases Wiki Activity

[security/229] Add ajax prefilter for crossdomain requests

Browse Source 
SECURITY-229
This commit is contained in:
Marc Alexander 2018-12-11 21:28:29 +01:00
parent 97c5861d59
commit 179c6067be
No known key found for this signature in database
GPG Key ID: 50E0D2423696F995
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
phpBB/assets/javascript/core.js
View File

@ -20,6 +20,13 @@ var phpbbAlertTimer = null;
phpbb.isTouch = (window && typeof window.ontouchstart !== 'undefined'); phpbb.isTouch = (window && typeof window.ontouchstart !== 'undefined');
// Add ajax pre-filter to prevent cross-domain script execution
$.ajaxPrefilter(function(s) {
if (s.crossDomain) {
s.contents.script = false;
}
});
/** /**
* Display a loading screen * Display a loading screen
* *