mercredi 1 avril 2015

X-XSS-Protection - alternative to disabling it

I use some very simple code to show/hide divs on a Wordpress site. However, the code does not work unless I disable X-XSS-Protection. Why is this? And how can I make the code work without disabling X-XSS-Protection?


Inserted as a PHP snippet header("X-XSS-Protection: 0");


Code to show/hide divs 



 <style><!-- .hide { display: none; } --></style>
    <div>Choosing:<br>
    <input name="tab" type="radio" value="igotone" onclick="show1();" />1<br>
    <input name="tab" type="radio" value="igottwo" onclick="show2();" />2<br>
    <input name="tab" type="radio" value="igotthree" onclick="show3();"/>3<br>
    <input name="tab" type="radio" value="igotfour" onclick="show4();" /> 4<br>
<br><br>

    <div id="div1" class="hide" style="width:100%">[sform]2[/sform]</div>
    <div id="div2" class="hide" style="width:100%">[sform]5[/sform]</div>
    <div id="div3" class="hide" style="width:100%">[sform]6[/sform]</div>
    <div id="div4" class="hide" style="width:100%">[sform]7[/sform]</div>


    </div>


+ javascript in the header of the site: 



<script type="text/javascript">// < ![CDATA[
// < ![CDATA[
// < ![CDATA[

function show1(){ 
document.getElementById('div1').style.display ='block';
document.getElementById('div2').style.display ='none';
document.getElementById('div3').style.display ='none';
document.getElementById('div4').style.display ='none';
} 

function show2(){ 
document.getElementById('div1').style.display = 'none';
document.getElementById('div2').style.display = 'block';
document.getElementById('div3').style.display = 'none';
document.getElementById('div4').style.display = 'none';
}

function show3(){ 
document.getElementById('div1').style.display = 'none';
document.getElementById('div2').style.display = 'none';
document.getElementById('div3').style.display = 'block';
document.getElementById('div4').style.display = 'none';
}

function show4(){ 
document.getElementById('div1').style.display = 'none';
document.getElementById('div2').style.display = 'none';
document.getElementById('div3').style.display = 'none';
document.getElementById('div4').style.display = 'block';
}

// ]]></script>

Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)