summaryrefslogtreecommitdiff
path: root/webapps
diff options
context:
space:
mode:
authorDerrell Lipman <derrell@samba.org>2007-01-13 02:27:54 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:40:31 -0500
commit2c5a1e6bdde646fd51f36eb31043be0783cea0b1 (patch)
treec1d81b021f5b6a2d53ec5a1d594bf297b27a6c8c /webapps
parent007c6f6e659c61e426deb97f6156d92723549f71 (diff)
downloadsamba-2c5a1e6bdde646fd51f36eb31043be0783cea0b1.tar.gz
samba-2c5a1e6bdde646fd51f36eb31043be0783cea0b1.tar.bz2
samba-2c5a1e6bdde646fd51f36eb31043be0783cea0b1.zip
r20723: Web Application Framework
- Clearly no one has ever tried to obtain the Referer from the web server before. :-) - Send the Referer from the web application, in preparation for later security updates. (These updates are not immediately necessary, as ScriptTransport is disabled and we check the content type on XmlHttpTransport. This isn't anything to worry about.) (This used to be commit 33c07f4b92ac349af85dff11e24111fb16d201d0)
Diffstat (limited to 'webapps')
-rw-r--r--webapps/qooxdoo-0.6.3-sdk/frontend/framework/source/class/qx/io/remote/XmlHttpTransport.js5
1 files changed, 4 insertions, 1 deletions
diff --git a/webapps/qooxdoo-0.6.3-sdk/frontend/framework/source/class/qx/io/remote/XmlHttpTransport.js b/webapps/qooxdoo-0.6.3-sdk/frontend/framework/source/class/qx/io/remote/XmlHttpTransport.js
index b9e4bf29bc..1ae846cc10 100644
--- a/webapps/qooxdoo-0.6.3-sdk/frontend/framework/source/class/qx/io/remote/XmlHttpTransport.js
+++ b/webapps/qooxdoo-0.6.3-sdk/frontend/framework/source/class/qx/io/remote/XmlHttpTransport.js
@@ -310,9 +310,12 @@ qx.Proto.send = function()
// --------------------------------------
- // Appliying request header
+ // Applying request header
// --------------------------------------
+ // Add a Referer header
+ vRequest.setRequestHeader('Referer', window.location.href);
+
var vRequestHeaders = this.getRequestHeaders();
for (var vId in vRequestHeaders) {
vRequest.setRequestHeader(vId, vRequestHeaders[vId]);