Send X-Frame-Options: SAMEORIGIN for admin and login pages. see #12293

git-svn-id: http://svn.automattic.com/wordpress/trunk@17826 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-includes/functions.php

@@ -4534,4 +4534,16 @@ function wp_find_hierarchy_loop_tortoise_hare( $callback, $start, $override = ar
 	return false;
 }
 
+/**
+ * Send a HTTP header to limit rendering of pages to same origin iframes.
+ *
+ * @link https://developer.mozilla.org/en/the_x-frame-options_response_header
+ *
+ * @since 3.2.0
+ * @return none
+ */
+function send_frame_options_header() {
+	@header( 'X-Frame-Options: SAMEORIGIN' );
+}
+
 ?>