mirror/puter
1
0
Fork 0
mirror of https://github.com/HeyPuter/puter.git synced 2026-02-22 06:30:00 -06:00
Code Issues Packages Projects Releases Wiki Activity

Disable iframing of the main domain

Browse Source
This commit is contained in:
Nariman Jelveh
2024-04-22 14:09:32 -07:00
parent 874928e845
commit ef35a04c4a
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
packages/backend/src/services/WebServerService.js
View File

@@ -336,6 +336,13 @@ class WebServerService extends BaseService {
// res.setHeader('Cross-Origin-Embedder-Policy', 'require-corp')
res.setHeader('Cross-Origin-Resource-Policy', 'cross-origin');
// Pass to next layer of middleware
// disable iframes on the main domain
if ( req.hostname === config.domain ) {
// disable iframes
res.setHeader('X-Frame-Options', 'SAMEORIGIN');
}
next();
});