mirror of
https://github.com/filegator/filegator.git
synced 2025-08-05 21:27:43 +02:00
anti-framing policy added with headers
This commit is contained in:
@@ -89,5 +89,11 @@ class Security implements Service
|
||||
die;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if (empty($config['allow_insecure_overlays']) || !$config['allow_insecure_overlays']) {
|
||||
$this->response->headers->set('X-Frame-Options', 'sameorigin');
|
||||
$this->response->headers->set('Content-Security-Policy', 'frame-ancestors \'self\'');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@@ -72,6 +72,7 @@ return [
|
||||
'csrf_key' => "123456", // randomize this
|
||||
'ip_allowlist' => [],
|
||||
'ip_denylist' => [],
|
||||
'allow_insecure_overlays' => false,
|
||||
],
|
||||
],
|
||||
'Filegator\Services\View\ViewInterface' => [
|
||||
|
Reference in New Issue
Block a user