From 1e03648387cf5efb9b7fdf99366b2d8a1f8d8ea0 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Sat, 7 Jan 2023 14:40:22 -0300
Subject: Adds x_frame_options and fix other params

---
 templates/site-ssl.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'templates')

diff --git a/templates/site-ssl.erb b/templates/site-ssl.erb
index 5b9ce04..c852954 100644
--- a/templates/site-ssl.erb
+++ b/templates/site-ssl.erb
@@ -15,7 +15,7 @@ server {
   # clickjacking protection
   add_header X-Content-Type-Options nosniff;
   add_header X-XSS-Protection "1; mode=block";
-  add_header X-Frame-Options DENY;
+  add_header X-Frame-Options <%= @x_frame_options %>;
 
   location / {
     # preserve http header and set forwarded proto
-- 
cgit v1.2.3