Server : Apache System : Linux server2.corals.io 4.18.0-348.2.1.el8_5.x86_64 #1 SMP Mon Nov 15 09:17:08 EST 2021 x86_64 User : corals ( 1002) PHP Version : 7.4.33 Disable Function : exec,passthru,shell_exec,system Directory : /home/corals/old/vendor/magento/framework/App/Response/HeaderProvider/ |
<?php
/**
* Copyright © Magento, Inc. All rights reserved.
* See COPYING.txt for license details.
*/
namespace Magento\Framework\App\Response\HeaderProvider;
use \Magento\Framework\App\Response\Http;
/**
* Adds an X-FRAME-OPTIONS header to HTTP responses to safeguard against click-jacking.
*/
class XFrameOptions extends \Magento\Framework\App\Response\HeaderProvider\AbstractHeaderProvider
{
/** Deployment config key for frontend x-frame-options header value */
const DEPLOYMENT_CONFIG_X_FRAME_OPT = 'x-frame-options';
/** Always send SAMEORIGIN in backend x-frame-options header */
const BACKEND_X_FRAME_OPT = 'SAMEORIGIN';
/**
* x-frame-options Header name
*
* @var string
*/
protected $headerName = Http::HEADER_X_FRAME_OPT;
/**
* x-frame-options header value
*
* @var string
*/
protected $headerValue;
/**
* @param string $xFrameOpt
*/
public function __construct($xFrameOpt = 'SAMEORIGIN')
{
$this->headerValue = $xFrameOpt;
}
}