server/core/templates/layout.base.php
Ralph Slooten be42df8e48 Referrer fix (no-referrer)
Blocking referrer information should be done with "no-referrer" and not "never". See
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy

Signed-off-by: Ralph Slooten <axllent@gmail.com>
2018-02-08 08:31:24 +13:00

23 lines
1.1 KiB
PHP

<!DOCTYPE html>
<html class="ng-csp" data-placeholder-focus="false" lang="<?php p($_['language']); ?>" >
<head data-requesttoken="<?php p($_['requesttoken']); ?>">
<meta charset="utf-8">
<title>
<?php p($theme->getTitle()); ?>
</title>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="referrer" content="no-referrer">
<meta name="viewport" content="width=device-width, minimum-scale=1.0, maximum-scale=1.0">
<meta name="theme-color" content="<?php p($theme->getColorPrimary()); ?>">
<link rel="icon" href="<?php print_unescaped(image_path('', 'favicon.ico')); /* IE11+ supports png */ ?>">
<link rel="apple-touch-icon-precomposed" href="<?php print_unescaped(image_path('', 'favicon-touch.png')); ?>">
<link rel="mask-icon" sizes="any" href="<?php print_unescaped(image_path('', 'favicon-mask.svg')); ?>" color="<?php p($theme->getColorPrimary()); ?>">
<?php emit_css_loading_tags($_); ?>
<?php emit_script_loading_tags($_); ?>
<?php print_unescaped($_['headers']); ?>
</head>
<body id="body-public">
<?php include 'layout.noscript.warning.php'; ?>
<?php print_unescaped($_['content']); ?>
</body>
</html>