Include headers lib & csrf hidden form field

To help protect against CSRF and clickjacking Also include hidden form field containing this for postback top.ICEcoder.csrf also set
2026-03-03 07:13:59 +01:00 · 2014-04-18 17:57:54 +01:00
parent 3d89af7e17
commit a3c0243772
13 changed files with 48 additions and 11 deletions
--- a/editor.php
+++ b/editor.php
@@ -1,4 +1,7 @@
-<?php include("lib/settings.php");?>
+<?php
+include("lib/headers.php");
+include("lib/settings.php");
+?>
 <!DOCTYPE html>

 <html style="margin: 0" onMouseDown="top.ICEcoder.mouseDown=true" onMouseUp="top.ICEcoder.mouseDown=false; if (!top.ICEcoder.overCloseLink) {top.ICEcoder.tabDragEnd()}" onMouseMove="if(top.ICEcoder) {top.ICEcoder.getMouseXY(event,'editor');top.ICEcoder.canResizeFilesW()}" onDrop="if(top.ICEcoder) {top.ICEcoder.getMouseXY(event,'editor')}">
@@ -315,4 +318,4 @@ var debounce;

 </body>

-</html>
+</html>