From 4a408843b0ef816daf70a472a02b78cd6073a4d5 Mon Sep 17 00:00:00 2001 From: Thomas Bruederli <thomas@roundcube.net> Date: Sun, 06 Mar 2016 08:31:07 -0500 Subject: [PATCH] Protect download urls against CSRF using unique request tokens (#1490642) Send X-Frame-Options headers with every HTTP response --- plugins/enigma/enigma.js | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/plugins/enigma/enigma.js b/plugins/enigma/enigma.js index bd52d04..a5497f4 100644 --- a/plugins/enigma/enigma.js +++ b/plugins/enigma/enigma.js @@ -157,7 +157,7 @@ if (!keys.length) return; - this.goto_url('plugin.enigmakeys', {_a: 'export', _keys: keys}); + this.goto_url('plugin.enigmakeys', {_a: 'export', _keys: keys}, false, true); }; // Submit key(s) import form -- Gitblit v1.9.1