summaryrefslogtreecommitdiff
path: root/includes/DefaultSettings.php
diff options
context:
space:
mode:
authorPierre Schmitz <pierre@archlinux.de>2012-09-02 15:19:34 +0200
committerPierre Schmitz <pierre@archlinux.de>2012-09-02 15:19:34 +0200
commit9498a3d2852ace0f4ee23598f542dbce3fd2ec28 (patch)
tree5aeced25a9fc09f93682788259f5c7d6d248634d /includes/DefaultSettings.php
parent588cc40aeec0165400421ef9612e81b6d2c7b936 (diff)
Update to MediaWiki 1.19.2
Diffstat (limited to 'includes/DefaultSettings.php')
-rw-r--r--includes/DefaultSettings.php14
1 files changed, 13 insertions, 1 deletions
diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index 1034ea2e..acd89bde 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -33,7 +33,7 @@ $wgConf = new SiteConfiguration;
/** @endcond */
/** MediaWiki version number */
-$wgVersion = '1.19.1';
+$wgVersion = '1.19.2';
/** Name of the site. It must be changed in LocalSettings.php */
$wgSitename = 'MediaWiki';
@@ -2420,6 +2420,18 @@ $wgBreakFrames = false;
$wgEditPageFrameOptions = 'DENY';
/**
+ * Disallow framing of API pages directly, by setting the X-Frame-Options
+ * header. Since the API returns CSRF tokens, allowing the results to be
+ * framed can compromise your user's account security.
+ * Options are:
+ * - 'DENY': Do not allow framing. This is recommended for most wikis.
+ * - 'SAMEORIGIN': Allow framing by pages on the same domain.
+ * - false: Allow all framing.
+ */
+
+$wgApiFrameOptions = 'DENY';
+
+/**
* Disable output compression (enabled by default if zlib is available)
*/
$wgDisableOutputCompression = false;