Headline
CVE-2023-0057: Add X-Frame-Options: DENY header · pyload/pyload@bd2a31b
Improper Restriction of Rendered UI Layers or Frames in GitHub repository pyload/pyload prior to 0.5.0b3.dev33.
@@ -60,11 +60,16 @@ def _configure_themes(cls, app, path_prefix=""):
@classmethod
def _configure_handlers(cls, app):
“"”
Register error handlers.
Register app handlers.
“"”
for exc, fn in cls.FLASK_ERROR_HANDLERS:
app.register_error_handler(exc, fn)
@app.after_request
def deny_iframe(response):
response.headers[“X-Frame-Options”] = “DENY”
return response
@classmethod
def _configure_json_encoding(cls, app):
app.json_encoder = JSONEncoder
Related news
GHSA-h8r9-467r-vjjf: pyLoad vulnerable to Improper Restriction of Rendered UI Layers or Frames
Improper Restriction of Rendered UI Layers or Frames in GitHub repository pyload/pyload prior to 0.5.0b3.dev33.