mirror/quickdrop
1
0
Fork 0
mirror of https://github.com/RoastSlav/quickdrop.git synced 2025-12-29 18:49:58 -06:00
Code Issues Packages Projects Releases Wiki Activity

added a header to allow embedding in iframes

Browse Source
This commit is contained in:
Rostislav Raykov
2024-12-09 17:05:10 +02:00
parent 651b3d720c
commit bd8b831f3d
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/main/java/org/rostislav/quickdrop/config/SecurityConfig.java
View File

@@ -9,6 +9,7 @@ import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.crypto.bcrypt.BCrypt;
@@ -46,7 +47,7 @@ public class SecurityConfig {
.authenticationProvider(authenticationProvider())
.csrf(csrf -> csrf
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
);
).headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable));
} else {
http
.authorizeHttpRequests(authz -> authz
@@ -54,7 +55,7 @@ public class SecurityConfig {
)
.csrf(csrf -> csrf
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
);
).headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable));
}
return http.build();