Skip to content

Commit

Permalink
x_frame_options check: Check if header not empty, not just exist
Browse files Browse the repository at this point in the history
  • Loading branch information
Zapotek committed Dec 18, 2021
1 parent bafc02c commit 7544bba
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion components/checks/passive/grep/x_frame_options.rb
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,8 @@ class Arachni::Checks::XFrameOptions < Arachni::Check::Base
def run
return if audited?( page.parsed_url.host ) ||
page.response.headers.empty? ||
page.response.headers['X-Frame-Options'] || page.code != 200
!page.response.headers['X-Frame-Options'].to_s.empty? || page.code != 200

audited( page.parsed_url.host )

log(
Expand Down

0 comments on commit 7544bba

Please sign in to comment.