From: Evan Prodromou <evan@status.net>
Date: Fri, 5 Aug 2011 14:42:18 +0000 (-0400)
Subject: Properly structure X-XSS-Protection header
X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=0502e1d737af1586a7a280be005e55d85c71175a;p=quix0rs-gnu-social.git

Properly structure X-XSS-Protection header
---

diff --git a/lib/htmloutputter.php b/lib/htmloutputter.php
index e358b2be5d..9a43ef069e 100644
--- a/lib/htmloutputter.php
+++ b/lib/htmloutputter.php
@@ -111,7 +111,7 @@ class HTMLOutputter extends XMLOutputter
 	// Output anti-framing headers to prevent clickjacking (respected by newer
         // browsers).
 	if (common_config('javascript', 'bustframes')) {
-            header('X-XSS-Protection 1; mode=block'); // detect XSS Reflection attacks
+            header('X-XSS-Protection: 1; mode=block'); // detect XSS Reflection attacks
             header('X-Frame-Options: SAMEORIGIN'); // no rendering if origin mismatch
         }