Skip to content
Snippets Groups Projects

Contrib: Issue #3411241: Expand ConverterCommand documentation to make it...

Closed Contrib: Issue #3411241: Expand ConverterCommand documentation to make it...
issue/drupal-3411111:3411111-auto-updates-build-tests into 11.x
Closed Ted Bowman requested to merge issue/drupal-3411111:3411111-auto-updates-build-tests into 11.x
Viewing commit 0d6cd441
Prev
Show latest version
2 files
+ 8
3
Compare changes
  • Side-by-side
  • Inline
Files
2
core/lib/Drupal/Core/EventSubscriber/FinishResponseSubscriber.php
+ 4
2
@@ -123,8 +123,10 @@ public function onRespond(ResponseEvent $event) {
// different from the declared content-type, since that can lead to
// XSS and other vulnerabilities.
// https://owasp.org/www-project-secure-headers
$response->headers->set('X-Content-Type-Options', 'nosniff', FALSE);
$response->headers->set('X-Frame-Options', 'SAMEORIGIN', FALSE);
$response->headers->set('X-Content-Type-Options', 'nosniff');
if (!$response->headers->has('X-Frame-Options')) {
$response->headers->set('X-Frame-Options', 'SAMEORIGIN');
}
// If the current response isn't an implementation of the
// CacheableResponseInterface, we assume that a Response is either