MantisBT: master-1.3.x c13b3253

Diff Back to Repository
Author Committer Branch Timestamp Parent
vboctor dregad master-1.3.x 2016-08-25 19:19 master-1.3.x 9f359863
Affected Issues  0021263: CVE-2016-7111: Content Security Policy is weakened by Gravatar plugin
Changeset

Add EVENT_CORE_HEADERS event

Called before core emits headers enabling plugins to emit their
own headers or call APIs that shape the value of headers emitted by
core like Content-Security-Policy.

Fixes 0021263
mod - core.php Diff File
mod - core/events_inc.php Diff File
mod - docbook/Developers_Guide/en-US/Events_Reference.xml Diff File
mod - plugins/Gravatar/Gravatar.php Diff File