Diffstat (limited to 'themes')
-rw-r--r-- | themes/admin_wind/views/admin.html.php | 1 | ||||
-rw-r--r-- | themes/wind/views/dynamic.html.php | 2 | ||||
-rw-r--r-- | themes/wind/views/page.html.php | 5 |
3 files changed, 5 insertions, 3 deletions
diff --git a/themes/admin_wind/views/admin.html.php b/themes/admin_wind/views/admin.html.php
index 9a149149..0300f7af 100644
--- a/themes/admin_wind/views/admin.html.php
+++ b/themes/admin_wind/views/admin.html.php
@@ -1,4 +1,5 @@
 <?php defined("SYSPATH") or die("No direct script access.") ?>
+<?php header("X-Frame-Options: SAMEORIGIN"); ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" <?= $theme->html_attributes() ?> xml:lang="en" lang="en">
diff --git a/themes/wind/views/dynamic.html.php b/themes/wind/views/dynamic.html.php
index 67360da7..33e05de3 100644
--- a/themes/wind/views/dynamic.html.php
+++ b/themes/wind/views/dynamic.html.php
@@ -3,7 +3,7 @@
 <div id="g-album-header-buttons">
 <?= $theme->dynamic_top() ?>
 </div>
- <h1><?= html::clean($title) ?></h1>
+ <h1><?= html::purify($title) ?></h1>
 </div>
 <ul id="g-album-grid" class="ui-helper-clearfix">
diff --git a/themes/wind/views/page.html.php b/themes/wind/views/page.html.php
index 24d3347e..c3e212c5 100644
--- a/themes/wind/views/page.html.php
+++ b/themes/wind/views/page.html.php
@@ -1,4 +1,5 @@
 <?php defined("SYSPATH") or die("No direct script access.") ?>
+<?php header("X-Frame-Options: SAMEORIGIN"); ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" <?= $theme->html_attributes() ?> xml:lang="en" lang="en">
@@ -10,11 +11,11 @@
 <?= $page_title ?>
 <? else: ?>
 <? if ($theme->item()): ?>
- <?= $theme->item()->title ?>
+ <?= html::purify($theme->item()->title) ?>
 <? elseif ($theme->tag()): ?>
 <?= t("Photos tagged with %tag_title", array("tag_title" => $theme->tag()->name)) ?>
 <? else: /* Not an item, not a tag, no page_title specified. Help! */ ?>
- <?= item::root()->title ?>
+ <?= html::purify(item::root()->title) ?>
 <? endif ?>
 <? endif ?>
 </title> |
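Review bot: The anti-framing header is sent from the theme view itself, in `themes/admin_wind/views/admin.html.php` and again in the first hunk of `themes/wind/views/page.html.php`, so only responses rendered through these two templates get it. Any other theme, or a response that bypasses these views, is presumably still frameable; sending the header once where the response is built would cover them all. `header()` also has no effect once output has started, so a stray byte before this line would leave the page unprotected with only a warning to show for it. Adding `header("Content-Security-Policy: frame-ancestors 'self'");` beside it would cover browsers that prefer the CSP directive.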
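Review bot: Nothing on the `<h1>` line in `themes/wind/views/dynamic.html.php` records why `$title` is now sanitised with `html::purify()` rather than escaped with `html::clean()`. Neither helper is defined in this diff; if purify lets an allow-list of markup through, the same `$title` must still be escaped wherever it lands in an attribute or inside `<title>`. A short template comment would pin the intent, e.g. `<?php /* title may carry allow-listed markup: purified here, escape it elsewhere */ ?>`.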
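Review bot: In the `<title>` hunk of `themes/wind/views/page.html.php` the first branch still prints `<?= $page_title ?>` with no visible escaping call, while both item-title branches now go through `html::purify()`. Unless whatever sets `$page_title` already escapes it (not visible here), it should be encoded too, e.g. `<?= html::clean($page_title) ?>`. `<title>` content is plain text, so any markup purify permits would appear literally in the title bar, and escaping with `html::clean()` looks like the better fit for all three outputs. The `tag()->name` value handed to `t()` deserves the same check, since the hunk does not show whether `t()` escapes its placeholders. The `<title>` element opens above the hunk.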