You are here

function _seckit_x_xss in Security Kit 6

Same name and namespace in other branches
  1. 7 seckit.module \_seckit_x_xss()

Sends X-XSS-Protection HTTP header.

X-XSS-Protection controls IE8/Safari/Chrome internal XSS filter.

1 call to _seckit_x_xss()
seckit_init in ./seckit.module
Implements hook_init().

File

./seckit.module, line 228
Allows administrators to improve security of the website.

Code

function _seckit_x_xss($setting) {
  switch ($setting) {
    case SECKIT_X_XSS_0:
      drupal_set_header('X-XSS-Protection: 0');

      // set X-XSS-Protection header to 0
      break;
    case SECKIT_X_XSS_1:
      drupal_set_header('X-XSS-Protection: 1; mode=block');

      // set X-XSS-Protection header to 1; mode=block
      break;
    case SECKIT_X_XSS_DISABLE:
    default:

      // do nothing
      break;
  }
}