Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Disallow iframe embed to set XFrameOptions=DENY
  • Loading branch information
tianzhou committed Oct 12, 2021
1 parent 3f53464 commit 76cf6c5
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions server/server.go
Expand Up @@ -93,6 +93,11 @@ func NewServer(logger *zap.Logger, version string, host string, port int, fronte
e.HideBanner = true
e.HidePort = true

// Disallow to be embeded in an iframe
e.Use(middleware.SecureWithConfig(middleware.SecureConfig{
XFrameOptions: "DENY",
}))

embedFrontend(logger, e)

s := &Server{
Expand Down

0 comments on commit 76cf6c5

Please sign in to comment.