web/cryptpad
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

reenable same-origin CSP

Browse Source
This commit is contained in:
ansuz
2017-07-31 15:43:47 +02:00
parent 542d0cd17f
commit eebe473f13
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
config.example.js
View File

@@ -18,7 +18,7 @@ module.exports = {
httpHeaders: { httpHeaders: {
"X-XSS-Protection": "1; mode=block", "X-XSS-Protection": "1; mode=block",
"X-Content-Type-Options": "nosniff", "X-Content-Type-Options": "nosniff",
// 'X-Frame-Options': 'SAMEORIGIN', 'X-Frame-Options': 'SAMEORIGIN',
}, },
contentSecurity: [ contentSecurity: [