Allow qr code iframe

Signed-off-by: Christian König <ckoenig@posteo.de>
This commit is contained in:
Christian König 2021-12-10 07:17:13 +01:00
parent 8d6ce78c65
commit 2eff53b2bb
No known key found for this signature in database
GPG Key ID: 4CDA6F249DD2B485
2 changed files with 8 additions and 4 deletions

View File

@ -93,9 +93,11 @@ $HTTP["url"] =~ "/teleporter\.php$" {
}
# allow API qr code iframe on settings page
$HTTP["url"] =~ "/admin/settings\.php$" {
$HTTP["url"] =~ "/api_token\.php$" {
$HTTP["referer"] =~ "/admin/settings\.php" {
setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
}
}
# Default expire header
expire.url = ( "" => "access plus 0 seconds" )

View File

@ -101,9 +101,11 @@ $HTTP["url"] =~ "/teleporter\.php$" {
}
# allow API qr code iframe on settings page
$HTTP["url"] =~ "/admin/settings\.php$" {
$HTTP["url"] =~ "/api_token\.php$" {
$HTTP["referer"] =~ "/admin/settings\.php" {
setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
}
}
# Default expire header
expire.url = ( "" => "access plus 0 seconds" )