updated CSP

Eugene Pankov
2022-11-08 10:50:05 +01:00
parent b95b612a0b
commit 6379814a08


@@ -26,6 +26,7 @@ class TerminalView(APIView):
response = static.serve(
request, "terminal.html", document_root=str(settings.STATIC_ROOT)
)
response["Content-Security-Policy"] = "frame-ancestors 'self' https://tabby.sh;"
response["X-Frame-Options"] = "SAMEORIGIN"
return response
@@ -35,7 +36,8 @@ class DemoView(APIView):
response = static.serve(
request, "demo.html", document_root=str(settings.STATIC_ROOT)
)
response["Content-Security-Policy"] = "frame-ancestors https://tabby.sh"
response["Content-Security-Policy"] = "frame-ancestors 'self' https://tabby.sh;"
response['X-Frame-Options'] = 'ALLOW-FROM https://tabby.sh'
return response
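Review bot: The two views end up with the same `frame-ancestors 'self' https://tabby.sh;` policy but contradictory `X-Frame-Options` fallbacks, `SAMEORIGIN` in TerminalView and `ALLOW-FROM https://tabby.sh` in DemoView. `ALLOW-FROM` is obsolete and current browsers ignore it, so a client that does not enforce `frame-ancestors` gets no framing restriction on demo.html, while the same client would refuse the tabby.sh embed of terminal.html that the CSP permits. I would choose one fallback deliberately and say so above the header lines, e.g. `# frame-ancestors is authoritative; X-Frame-Options only covers browsers without CSP Level 2`, and define the policy string once as a module constant so the two views cannot drift apart again. The +/- markers are lost on this page, so which of these header lines are new is inferred from the hunk counts, and both method bodies begin outside the hunks.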