Manual:$wgEditPageFrameOptions/pl

Category:MediaWiki configuration settings/pl#EditPageFrameOptionsCategory:MediaWiki configuration settings introduced in version 1.16.1/pl#EditPageFrameOptionsCategory:MediaWiki configuration settings still in use/pl#EditPageFrameOptionsCategory:Security variables/pl#EditPageFrameOptions
Bezpieczeństwo: $wgEditPageFrameOptions
Control framing of wiki pages globally.
Wprowadzono w wersji:1.16.1
Usunięto w wersji:nadal w użyciu
Dozwolone wartości:(string) or false
Domyślna wartość:'DENY'
Inne ustawienia: Alfabetycznie | Według funkcji

This variable determines the X-Frame-Options header to send on pages sensitive to clickjacking attacks, such as edit pages. This prevents those pages from being displayed in a frame or iframe. The options are:

'DENY'
Do not allow framing. This is recommended for most wikis.
'SAMEORIGIN'
Allow framing by pages on the same domain. This can be used to allow framing within a trusted origin. This is insecure if there is a page on the same origin which allows framing of arbitrary URLs.
false
Allow all framing. This opens up the wiki to XSS attacks and thus full compromise of local user accounts. Private wikis behind a corporate firewall are especially vulnerable. This is not recommended.

Zobacz też

Category:MediaWiki configuration settings/pl Category:MediaWiki configuration settings introduced in version 1.16.1/pl Category:MediaWiki configuration settings still in use/pl Category:Security variables/pl