Manual:$wgEditPageFrameOptions

From MediaWiki.org
Jump to navigation Jump to search
This page is a translated version of the page Manual:$wgEditPageFrameOptions and the translation is 25% complete.

Other languages:
Deutsch • ‎English • ‎español • ‎français • ‎italiano • ‎polski • ‎português • ‎português do Brasil • ‎中文 • ‎日本語
Site customization: $wgEditPageFrameOptions
Control framing of wiki pages globally.
Introducido en la versión:1.16.1
Eliminado en la versión:aún se usa
Valores permitidos:(cadena)
Valor predeterminado:DENY
Otros configuración: Alfabéticamente | Por Función

This variable determines the X-Frame-Options header to send on pages sensitive to clickjacking attacks, such as edit pages. This prevents those pages from being displayed in a frame or iframe. Las opciones son:

'DENY'
Do not allow framing. This is recommended for most wikis.
'SAMEORIGIN'
Allow framing by pages on the same domain. This can be used to allow framing within a trusted domain. This is insecure if there is a page on the same domain which allows framing of arbitrary URLs.
false
Allow all framing. This opens up the wiki to XSS attacks and thus full compromise of local user accounts. Private wikis behind a corporate firewall are especially vulnerable. This is not recommended.

Véase también