groot/automatisch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: prevent from being used in iframe

Browse Source
This commit is contained in:
Ali BARIN
2023-06-04 21:18:22 +00:00
parent a2dd6d76a8
commit 75d5c0e356
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
packages/backend/src/helpers/web-ui-handler.ts
View File

@@ -10,7 +10,12 @@ const webUIHandler = async (app: Application) => {
const indexHtml = join(dirname(webAppPath), 'build', 'index.html');
app.use(express.static(webBuildPath));
app.get('*', (_req, res) => res.sendFile(indexHtml));
app.get('*', (_req, res) => {
res.set('Content-Security-Policy', 'frame-ancestors: none;');
res.set('X-Frame-Options', 'DENY');
res.sendFile(indexHtml);
});
};
export default webUIHandler;