You are here

Home » API reference » Security Kit 7 » seckit.module

function _seckit_x_xss in Security Kit 7

Same name and namespace in other branches
  1. 6 seckit.module \_seckit_x_xss()

Sends X-XSS-Protection HTTP header.

X-XSS-Protection controls IE8/Safari/Chrome internal XSS filter.

1 call to _seckit_x_xss()
seckit_init in ./seckit.module
Implements hook_init().

File

./seckit.module, line 461
Allows administrators to improve security of the website.

Code

function _seckit_x_xss($setting) {
  switch ($setting) {
    case SECKIT_X_XSS_0:
      drupal_add_http_header('X-XSS-Protection', '0');

      // set X-XSS-Protection header to 0
      break;
    case SECKIT_X_XSS_1:
      drupal_add_http_header('X-XSS-Protection', '1');

      // set X-XSS-Protection header to 1
      break;
    case SECKIT_X_XSS_1_BLOCK:
      drupal_add_http_header('X-XSS-Protection', '1; mode=block');

      // set X-XSS-Protection header to 1; mode=block
      break;
    case SECKIT_X_XSS_DISABLE:
    default:

      // do nothing
      break;
  }
}