本文整理汇总了PHP中send_frame_options_header函数的典型用法代码示例。如果您正苦于以下问题:PHP send_frame_options_header函数的具体用法?PHP send_frame_options_header怎么用?PHP send_frame_options_header使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了send_frame_options_header函数的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: __construct
function __construct()
{
global $aio_wp_security;
if ($aio_wp_security->configs->get_value('aiowps_enable_rename_login_page') == '1') {
add_action('widgets_init', array(&$this, 'remove_standard_wp_meta_widget'));
add_filter('retrieve_password_message', array(&$this, 'decode_reset_pw_msg'), 10, 4);
//Fix for non decoded html entities in password reset link
}
add_action('admin_notices', array(&$this, 'reapply_htaccess_rules_notice'));
if (isset($_REQUEST['aiowps_reapply_htaccess'])) {
if (strip_tags($_REQUEST['aiowps_reapply_htaccess']) == 1) {
include_once 'wp-security-installer.php';
if (AIOWPSecurity_Installer::reactivation_tasks()) {
echo '<div class="updated"><p>The AIOWPS .htaccess rules were successfully re-inserted.</p></div>';
} else {
echo '<div class="error"><p>AIOWPS encountered an error when trying to write to your .htaccess file. Please check the logs.</p></div>';
}
} elseif (strip_tags($_REQUEST['aiowps_reapply_htaccess']) == 2) {
//Don't re-write the rules and just delete the temp config item
delete_option('aiowps_temp_configs');
}
}
if ($aio_wp_security->configs->get_value('aiowps_prevent_site_display_inside_frame') == '1') {
send_frame_options_header();
//send X-Frame-Options: SAMEORIGIN in HTTP header
}
if ($aio_wp_security->configs->get_value('aiowps_remove_wp_generator_meta_info') == '1') {
add_filter('the_generator', array(&$this, 'remove_wp_generator_meta_info'));
}
//For the cookie based brute force prevention feature
if ($aio_wp_security->configs->get_value('aiowps_enable_brute_force_attack_prevention') == 1) {
$bfcf_secret_word = $aio_wp_security->configs->get_value('aiowps_brute_force_secret_word');
if (isset($_GET[$bfcf_secret_word])) {
//If URL contains secret word in query param then set cookie and then redirect to the login page
AIOWPSecurity_Utility::set_cookie_value($bfcf_secret_word, "1");
AIOWPSecurity_Utility::redirect_to_url(AIOWPSEC_WP_URL . "/wp-admin");
}
}
//For user unlock request feature
if (isset($_POST['aiowps_unlock_request']) || isset($_POST['aiowps_wp_submit_unlock_request'])) {
nocache_headers();
remove_action('wp_head', 'head_addons', 7);
include_once AIO_WP_SECURITY_PATH . '/other-includes/wp-security-unlock-request.php';
exit;
}
if (isset($_GET['aiowps_auth_key'])) {
//If URL contains unlock key in query param then process the request
$unlock_key = strip_tags($_GET['aiowps_auth_key']);
AIOWPSecurity_User_Login::process_unlock_request($unlock_key);
}
//For honeypot feature
if (isset($_POST['aio_special_field'])) {
$special_field_value = strip_tags($_POST['aio_special_field']);
if (!empty($special_field_value)) {
//This means a robot has submitted the login form!
//Redirect back to its localhost
AIOWPSecurity_Utility::redirect_to_url('http://127.0.0.1');
}
}
//For 404 IP lockout feature
if ($aio_wp_security->configs->get_value('aiowps_enable_404_IP_lockout') == '1') {
if (!is_user_logged_in() || !current_user_can('administrator')) {
$this->do_404_lockout_tasks();
}
}
//For login captcha feature
if ($aio_wp_security->configs->get_value('aiowps_enable_login_captcha') == '1') {
if (!is_user_logged_in()) {
add_action('login_form', array(&$this, 'insert_captcha_question_form'));
}
}
//For custom login form captcha feature, ie, when wp_login_form() function is used to generate login form
if ($aio_wp_security->configs->get_value('aiowps_enable_custom_login_captcha') == '1') {
if (!is_user_logged_in()) {
add_filter('login_form_middle', array(&$this, 'insert_captcha_custom_login'), 10, 2);
//For cases where the WP wp_login_form() function is used
}
}
//For honeypot feature
if ($aio_wp_security->configs->get_value('aiowps_enable_login_honeypot') == '1') {
if (!is_user_logged_in()) {
add_action('login_form', array(&$this, 'insert_honeypot_hidden_field'));
}
}
//For lost password captcha feature
if ($aio_wp_security->configs->get_value('aiowps_enable_lost_password_captcha') == '1') {
if (!is_user_logged_in()) {
add_action('lostpassword_form', array(&$this, 'insert_captcha_question_form'));
add_action('lostpassword_post', array(&$this, 'process_lost_password_form_post'));
}
}
//For registration page captcha feature
if (AIOWPSecurity_Utility::is_multisite_install()) {
$blog_id = get_current_blog_id();
switch_to_blog($blog_id);
if ($aio_wp_security->configs->get_value('aiowps_enable_registration_page_captcha') == '1') {
if (!is_user_logged_in()) {
add_action('signup_extra_fields', array(&$this, 'insert_captcha_question_form_multi'));
//add_action('preprocess_signup_form', array(&$this, 'process_signup_form_multi'));
add_filter('wpmu_validate_user_signup', array(&$this, 'process_signup_form_multi'));
//.........这里部分代码省略.........
示例2: wc_send_frame_options_header
/**
* When loading sensitive checkout or account pages, send a HTTP header to limit rendering of pages to same origin iframes for security reasons.
*
* Can be disabled with: remove_action( 'template_redirect', 'wc_send_frame_options_header' );
*
* @since 2.3.10
*/
function wc_send_frame_options_header()
{
if (is_checkout() || is_account_page()) {
send_frame_options_header();
}
}示例3: enableFrameOptions
/**
* Sends the X-Frame-Options header to limit rendering of pages to frames on
* the same domain/origin. Provides XSS protection.
*
* @return void
*/
public function enableFrameOptions()
{
if (!headers_sent()) {
send_frame_options_header();
}
}