introducing CSP header to mitigate XSS attacks, closes #10

2016-08-09 14:46:32 +02:00
parent a28aebae7d
commit addb666a23
11 changed files with 75 additions and 18 deletions
--- a/tpl/page.php
+++ b/tpl/page.php
@@ -159,7 +159,7 @@ if (strlen($LANGUAGESELECTION)):
 <?php
    foreach ($LANGUAGES as $key => $value):
 ?>
-							<option class="reloadlink" onclick="document.cookie='lang=<?php echo $key; ?>';" value="<?php echo $key; ?>"<?php
+							<option data-lang="<?php echo $key; ?>" value="<?php echo $key; ?>"<?php
        if ($key == $LANGUAGESELECTION):
 ?> selected="selected"<?php
        endif;