From eebe473f13f6149b4b75bd867fd77e2161823a15 Mon Sep 17 00:00:00 2001 From: ansuz Date: Mon, 31 Jul 2017 15:43:47 +0200 Subject: [PATCH] reenable same-origin CSP --- config.example.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config.example.js b/config.example.js index ed6ce7dbf..749fe4793 100644 --- a/config.example.js +++ b/config.example.js @@ -18,7 +18,7 @@ module.exports = { httpHeaders: { "X-XSS-Protection": "1; mode=block", "X-Content-Type-Options": "nosniff", - // 'X-Frame-Options': 'SAMEORIGIN', + 'X-Frame-Options': 'SAMEORIGIN', }, contentSecurity: [