Allow setting X-FRAME-OPTIONS (#16643)

* Allow setting X-FRAME-OPTIONS This PR provides a mechanism to set the X-FRAME-OPTIONS header. Fix #7951 Signed-off-by: Andrew Thornton <art27@cantab.net> * Update docs/content/doc/advanced/config-cheat-sheet.en-us.md Co-authored-by: John Olheiser <john.olheiser@gmail.com> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
author: zeripath <art27@cantab.net> 2021-08-06 21:47:10 +0100
committer: GitHub <noreply@github.com> 2021-08-06 16:47:10 -0400
commit: afd88a2418efcef25058bf30df892471c3b68281 (patch)
tree: 62564fe9b49acaee7d45f36240dfa149ed6d9f21 /custom
parent: 067d82b5a6eb223ff6f6bfa1755e0a2c5bab1d3f (diff)
download: gitea-afd88a2418efcef25058bf30df892471c3b68281.tar.gz
gitea-afd88a2418efcef25058bf30df892471c3b68281.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini
index 6ea31586a7..44516b5e64 100644
--- a/custom/conf/app.example.ini
+++ b/custom/conf/app.example.ini
@@ -993,6 +993,9 @@ PATH =
 ;;
 ;; allow request with credentials
 ;ALLOW_CREDENTIALS = false
+;;
+;; set X-FRAME-OPTIONS header
+;X_FRAME_OPTIONS = SAMEORIGIN
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
author	zeripath <art27@cantab.net>	2021-08-06 21:47:10 +0100
committer	GitHub <noreply@github.com>	2021-08-06 16:47:10 -0400
commit	afd88a2418efcef25058bf30df892471c3b68281 (patch)
tree	62564fe9b49acaee7d45f36240dfa149ed6d9f21 /custom
parent	067d82b5a6eb223ff6f6bfa1755e0a2c5bab1d3f (diff)
download	gitea-afd88a2418efcef25058bf30df892471c3b68281.tar.gz gitea-afd88a2418efcef25058bf30df892471c3b68281.zip