summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSarven Capadisli <csarven@status.net>2010-02-19 13:13:05 +0100
committerSarven Capadisli <csarven@status.net>2010-02-19 13:13:05 +0100
commit8d59f7cc9d7f9f12d46530db2d9efe0b7aaac1a5 (patch)
tree960000b7e8a10cebf5c1b9d2d2f3359624081bbf
parentb03c7a383f00a97b08a270c6c472b46e11314b84 (diff)
Using inlineScript instead for clickjacking check
-rw-r--r--lib/action.php3
1 files changed, 1 insertions, 2 deletions
diff --git a/lib/action.php b/lib/action.php
index cd84662c9..fa9ddb911 100644
--- a/lib/action.php
+++ b/lib/action.php
@@ -259,8 +259,7 @@ class Action extends HTMLOutputter // lawsuit
$this->script('util.js');
$this->script('geometa.js');
// Frame-busting code to avoid clickjacking attacks.
- $this->element('script', array('type' => 'text/javascript'),
- 'if (window.top !== window.self) { window.top.location.href = window.self.location.href; }');
+ $this->inlineScript('if (window.top !== window.self) { window.top.location.href = window.self.location.href; }');
Event::handle('EndShowStatusNetScripts', array($this));
Event::handle('EndShowLaconicaScripts', array($this));
}