OSDN Git Service
(root)
/
webchat
/
WebChat.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
9d464fb
)
X-FRAME-OPTIONSを送信するようにした
author
konekoneko
<jbh03215@hotmail.co.jp>
Mon, 19 Nov 2012 16:30:56 +0000
(
01:30
+0900)
committer
konekoneko
<jbh03215@hotmail.co.jp>
Mon, 19 Nov 2012 16:30:56 +0000
(
01:30
+0900)
chat.js
patch
|
blob
|
history
profile.js
patch
|
blob
|
history
diff --git
a/chat.js
b/chat.js
index
4fb80fd
..
c8f84e7
100644
(file)
--- a/
chat.js
+++ b/
chat.js
@@
-100,6
+100,7
@@
function admin_proc(req,res)
var iplist = ipbanlist.GetText();
\r
\r
fs.readdir($log_directory,function(err,list){
\r
var iplist = ipbanlist.GetText();
\r
\r
fs.readdir($log_directory,function(err,list){
\r
+ res.setHeader("X-FRAME-OPTIONS","DENY");
\r
res.render("admin", {
\r
files: list,
\r
log_directory:$log_directory,
\r
res.render("admin", {
\r
files: list,
\r
log_directory:$log_directory,
\r
diff --git
a/profile.js
b/profile.js
index
34636c1
..
3022f06
100644
(file)
--- a/
profile.js
+++ b/
profile.js
@@
-32,6
+32,7
@@
function admin_proc(req, res)
RenderMessage(res,err,info);
\r
else{
\r
result.token = info.token;
\r
RenderMessage(res,err,info);
\r
else{
\r
result.token = info.token;
\r
+ res.setHeader("X-FRAME-OPTIONS","DENY");
\r
res.render("profile/admin",result);
\r
}
\r
});
\r
res.render("profile/admin",result);
\r
}
\r
});
\r
@@
-130,6
+131,7
@@
function detail_proc(req, res)
else if(result.length == 0)
\r
RenderMessage(res,resource.notfound_name,req.session.items);
\r
else{
\r
else if(result.length == 0)
\r
RenderMessage(res,resource.notfound_name,req.session.items);
\r
else{
\r
+ res.setHeader("X-FRAME-OPTIONS","DENY");
\r
res.render("profile/detail",{list:result,token:req.session.items.token,admin:req.session.items.admin});
\r
}
\r
});
\r
res.render("profile/detail",{list:result,token:req.session.items.token,admin:req.session.items.admin});
\r
}
\r
});
\r
@@
-181,6
+183,7
@@
function detail_postproc(req, res)
if(err != null){
\r
RenderMessage(res,err,req.session.items);
\r
}else if(result != null){
\r
if(err != null){
\r
RenderMessage(res,err,req.session.items);
\r
}else if(result != null){
\r
+ res.setHeader("X-FRAME-OPTIONS","DENY");
\r
res.render("profile/edit",{list:result,token:req.body.token});
\r
}else{
\r
RenderMessage(res,resource.unmatch_password,req.session.items);
\r
res.render("profile/edit",{list:result,token:req.body.token});
\r
}else{
\r
RenderMessage(res,resource.unmatch_password,req.session.items);
\r
@@
-244,6
+247,7
@@
function registor_proc(req, res)
if(typeof(req.session.items) == "undefined")
\r
req.session.items = new security.SessionInfomation(false);
\r
\r
if(typeof(req.session.items) == "undefined")
\r
req.session.items = new security.SessionInfomation(false);
\r
\r
+ res.setHeader("X-FRAME-OPTIONS","DENY");
\r
res.render("profile/registor",{token:req.session.items.token});
\r
}
\r
\r
res.render("profile/registor",{token:req.session.items.token});
\r
}
\r
\r