From 50642ad062fd1fcf46c0f40851e8d97446b0d05b Mon Sep 17 00:00:00 2001
From: Fernando Takagi <fernando@heroiclabs.com>
Date: Wed, 6 Jul 2022 10:10:26 -0300
Subject: [PATCH] Prevent the devconsole from being loaded in iframes. (#880)

---
 server/console.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/server/console.go b/server/console.go
index 215fe5d82..d53b97d03 100644
--- a/server/console.go
+++ b/server/console.go
@@ -396,6 +396,7 @@ func registerDashboardHandlers(logger *zap.Logger, router *mux.Router) {
 		}
 
 		w.Header().Add("Cache-Control", "no-cache")
+		w.Header().Set("X-Frame-Options", "deny")
 		w.Write(indexBytes)
 		return
 	}