Makes detection of x-frame-options value case insensitive

In other words, sameorigin == SAMEORIGIN == saMeOriGIN

This is in line with the spec for the header:

https://tools.ietf.org/html/rfc7034
master
Jonathan Hodgson 4 years ago
parent f5d78bfb9c
commit e77aa36e70
  1. 2
      bin/.bin/webtest/analyse-headers

@ -118,7 +118,7 @@ of old browsers\n\n"
test_x-frame-options(){ test_x-frame-options(){
local value local value
value="$(echo "$1" | cut -d ':' -f 2 | trimWhitespace)" value="$(echo "$1" | cut -d ':' -f 2 | trimWhitespace | tr '[:lower:]' '[:upper:]')"
case "$value" in case "$value" in
"SAMEORIGIN"|"DENY") return 0 ;; "SAMEORIGIN"|"DENY") return 0 ;;
"ALLOW-FROM"*) "ALLOW-FROM"*)

Loading…
Cancel
Save