search

zero-24 / plg_system_httpheader

This is a Joomla Plugin that provides setting of HTTP Headers
21 stars 7 forks source link

Backport the frame ancestors self switch to this plugin #26

Closed zero-24 closed 4 years ago

zero-24 commented 4 years ago

Hi,

this is a backpot for the PR i made for the core version here: https://github.com/joomla/joomla-cms/pull/28066

@brianteeman @Sandra97 @YGomiero @jeckodevelopment @pe7er please send me your translations / suggestions for the new language string as a comment or suggestion to this PR so I can add it to this PR and the final release.

PLG_SYSTEM_HTTPHEADER_CONTENTSECURITYPOLICY_FRAME_ANCESTORS_SELF_ENABLED_DESC="Enable the CSP clickjacking protection frame-ancestors and only allow the origin 'self'. Please use the form below to allow origins other than 'self'."

Feel free to ping me on any questions.

jeckodevelopment commented 4 years ago

Hope that this way was correct :)

Sandra97 commented 4 years ago

Activer la protection CSP frame-ancestors contre le détournement de clic et n'autoriser que l'origine "self". Veuillez utiliser le formulaire ci-dessous pour autoriser les origines autres que "self".

pe7er commented 4 years ago

PLG_SYSTEM_HTTPHEADER_CONTENTSECURITYPOLICY_FRAME_ANCESTORS_SELF_ENABLED_DESC="Schakel de CSP clickjacking bescherming voor frame-ancestors in en sta alleen 'zelf' als bron toe. Gebruik het onderstaande formulier om andere bronnen dan 'zelf' toe te staan."

zero-24 commented 4 years ago

Many thanks I have just committed the updated language strings and can do a release soon 👍

ps @pe7er i have used 'self' over your 'zelf' as 'self' is the actual value you set to the header.