Change X-Frame-Options to SAMEORIGIN

Signed-off-by: Tommy <contact@tommytran.io>
2024-10-01 08:25:44 -04:00 · 2023-04-12 07:58:38 -04:00 · 2023-04-12 07:58:38 -04:00 · 0ed328280e
commit 0ed328280e
parent 61f3a4c088
1 changed files with 1 additions and 1 deletions
--- a/swag/nginx/ssl.conf
+++ b/swag/nginx/ssl.conf
@ -33,7 +33,7 @@ add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), autopl
 add_header Referrer-Policy "same-origin" always;
 add_header X-Content-Type-Options "nosniff" always;
 #add_header X-UA-Compatible "IE=Edge" always;
-add_header X-Frame-Options "DENY" always;
+add_header X-Frame-Options "SAMEORIGIN" always;
 add_header X-XSS-Protection "0" always;
 add_header Cross-Origin-Resource-Policy cross-origin;
 add_header Cross-Origin-Opener-Policy same-origin;