function _seckit_get_js_css_noscript_code in Security Kit 6
Same name and namespace in other branches
- 7 seckit.module \_seckit_get_js_css_noscript_code()
Gets JavaScript and CSS code.
Return value
string
2 calls to _seckit_get_js_css_noscript_code()
- SecKitTestCase::testJSCSSNoscript in ./
seckit.test - Tests JS + CSS + Noscript protection.
- _seckit_js_css_noscript in ./
seckit.module - Enables JavaScript + CSS + Noscript Clickjacking defense.
File
- ./
seckit.module, line 471 - Allows administrators to improve security of the website.
Code
function _seckit_get_js_css_noscript_code() {
$options = _seckit_get_options();
$message = filter_xss($options['seckit_clickjacking']['noscript_message']);
$path = base_path() . drupal_get_path('module', 'seckit');
return <<<EOT
// close script tag for SecKit protection
//--><!]]>
</script>
<script type="text/javascript" src="{<span class="php-variable">$path</span>}/js/seckit.document_write.js"></script>
<link type="text/css" rel="stylesheet" id="seckit-clickjacking-no-body" media="all" href="{<span class="php-variable">$path</span>}/css/seckit.no_body.css" />
<!-- stop SecKit protection -->
<noscript>
<link type="text/css" rel="stylesheet" id="seckit-clickjacking-noscript-tag" media="all" href="{<span class="php-variable">$path</span>}/css/seckit.noscript_tag.css" />
<div id="seckit-noscript-tag">
<h1>{<span class="php-variable">$message</span>}</h1>
</div>
</noscript>
<script type="text/javascript">
<!--//--><![CDATA[//><!--
// open script tag to avoid syntax errors
EOT;
}