Introduce X-Frame-Origin header Change-Id: Ia9b66297c68f819b26158c79fb2da6572c784898

commit: 88fc41cb41d388922314b76ddfe841a750bcd0e2 [log] [tgz]
author: Akron <nils@diewald-online.de> Thu Jan 21 15:25:49 2021 +0100
committer: Akron <nils@diewald-online.de> Thu Jan 28 12:45:18 2021 +0100
tree: e424adfd735feb54be4cc1ffad86191e42bbe06a
parent: 5b6d727f4a0d7f7a5a9353e0b2e40c3d9ff57d2e [diff] [blame]
diff --git a/lib/Kalamar.pm b/lib/Kalamar.pm
index 8efd919..a7c360b 100644
--- a/lib/Kalamar.pm
+++ b/lib/Kalamar.pm

@@ -112,6 +112,7 @@
     before_dispatch => sub {
       my $h = shift->res->headers;
       $h->header('X-Content-Type-Options' => 'nosniff');
+      $h->header('X-Frame-Options' => 'sameorigin');
       $h->header(
         'Access-Control-Allow-Methods' =>
           $h->header('Access-Control-Allow-Methods') // 'GET, POST, OPTIONS'
commit	88fc41cb41d388922314b76ddfe841a750bcd0e2	[log] [tgz]
author	Akron <nils@diewald-online.de>	Thu Jan 21 15:25:49 2021 +0100
committer	Akron <nils@diewald-online.de>	Thu Jan 28 12:45:18 2021 +0100
tree	e424adfd735feb54be4cc1ffad86191e42bbe06a
parent	5b6d727f4a0d7f7a5a9353e0b2e40c3d9ff57d2e [diff] [blame]