From 52760d0b1ba260ed207fe1836670a4d104d0591e Mon Sep 17 00:00:00 2001
From: Rodolfo Berrios <20590102+rodber@users.noreply.github.com>
Date: Mon, 18 Oct 2021 15:57:28 -0300
Subject: [PATCH] no frames

---
 app/web.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/web.php b/app/web.php
index 06cf4fed..7805b0e4 100644
--- a/app/web.php
+++ b/app/web.php
@@ -148,6 +148,7 @@
 try {
     if (!isset($hook_before)) {
         $hook_before = function ($handler) {
+            header("Content-Security-Policy: frame-ancestors 'none'");
             $failed_access_requests = Requestlog::getCounts(['login', 'signup'], 'fail');
             if (is_max_invalid_request($failed_access_requests['day'])) {
                 G\set_status_header(403);