src/main/java/com/gitblit/wicket/pages/BasePage.java @@ -166,6 +166,9 @@ // use default Wicket caching behavior super.setHeaders(response); } // XRF vulnerability. issue-500 / ticket-166 response.setHeader("X-Frame-Options", "SAMEORIGIN"); } /**
