diff options
| -rw-r--r-- | ncp-web/ncp-launcher.php | 1 | ||||
| -rw-r--r-- | ncp-web/ncp-output.php | 6 | ||||
| -rw-r--r-- | ncp-web/wizard/index.php | 12 |
3 files changed, 19 insertions, 0 deletions
diff --git a/ncp-web/ncp-launcher.php b/ncp-web/ncp-launcher.php index efb24761..4e5c518a 100644 --- a/ncp-web/ncp-launcher.php +++ b/ncp-web/ncp-launcher.php @@ -39,6 +39,7 @@ if ( $_POST['action'] == "cfgreq" ) // checkbox (yes/no) field if ( preg_match('/^(\w+)_=(yes|no)$/', $line, $matches) ) { + $checked = ""; if ( $matches[2] == "yes" ) $checked = "checked"; $output = $output . "<tr>"; diff --git a/ncp-web/ncp-output.php b/ncp-web/ncp-output.php index 750c71c6..6450250a 100644 --- a/ncp-web/ncp-output.php +++ b/ncp-web/ncp-output.php @@ -48,6 +48,12 @@ function follow($file) $size = 0; while (true) { + if ( !file_exists($file) ) + { + usleep(200000); // 0.2s + continue; + } + clearstatcache(); $currentSize = filesize($file); if ($size == $currentSize) diff --git a/ncp-web/wizard/index.php b/ncp-web/wizard/index.php index 1121b231..8ccf7ecd 100644 --- a/ncp-web/wizard/index.php +++ b/ncp-web/wizard/index.php @@ -9,6 +9,18 @@ <link href="CSS/wizard.css" rel="stylesheet"> <?php session_start(); + + // security headers + header("Content-Security-Policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; object-src 'self';"); + header("X-XSS-Protection: 1; mode=block"); + header("X-Content-Type-Options: nosniff"); + header("X-Robots-Tag: none"); + header("X-Permitted-Cross-Domain-Policies: none"); + header("X-Frame-Options: DENY"); + header("Cache-Control: max-age=15778463"); + ini_set('session.cookie_httponly', 1); + if ( isset($_SERVER['HTTPS']) ) + ini_set('session.cookie_secure', 1); ?> </head> <body> |