Merge iFrame exceptions
Signed-off-by: Christian König <ckoenig@posteo.de>
This commit is contained in:
parent
2eff53b2bb
commit
28085cf7d8
|
@ -85,15 +85,8 @@ $HTTP["url"] =~ "^/admin/\.(.*)" {
|
|||
url.access-deny = ("")
|
||||
}
|
||||
|
||||
# allow teleporter iframe on settings page
|
||||
$HTTP["url"] =~ "/teleporter\.php$" {
|
||||
$HTTP["referer"] =~ "/admin/settings\.php" {
|
||||
setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
|
||||
}
|
||||
}
|
||||
|
||||
# allow API qr code iframe on settings page
|
||||
$HTTP["url"] =~ "/api_token\.php$" {
|
||||
# allow teleporter and API qr code iframe on settings page
|
||||
$HTTP["url"] =~ "/(teleporter|api_token)\.php$" {
|
||||
$HTTP["referer"] =~ "/admin/settings\.php" {
|
||||
setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
|
||||
}
|
||||
|
|
|
@ -93,15 +93,8 @@ $HTTP["url"] =~ "^/admin/\.(.*)" {
|
|||
url.access-deny = ("")
|
||||
}
|
||||
|
||||
# allow teleporter iframe on settings page
|
||||
$HTTP["url"] =~ "/teleporter\.php$" {
|
||||
$HTTP["referer"] =~ "/admin/settings\.php" {
|
||||
setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
|
||||
}
|
||||
}
|
||||
|
||||
# allow API qr code iframe on settings page
|
||||
$HTTP["url"] =~ "/api_token\.php$" {
|
||||
# allow teleporter and API qr code iframe on settings page
|
||||
$HTTP["url"] =~ "/(teleporter|api_token)\.php$" {
|
||||
$HTTP["referer"] =~ "/admin/settings\.php" {
|
||||
setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue