Merge pull request #580 from Joopmicroop/patch-1

Allow same origin framing
11 years ago · 3cef5fce2b
parent c5f9f896b2 7d0f160c4c
commit 3cef5fce2b
1 changed files with 1 additions and 1 deletions
--- a/src/webserver.js
+++ b/src/webserver.js
@ -159,7 +159,7 @@ var path = require('path'),
 					res.locals.csrf_token = req.session._csrf;
 					// Disable framing
-					res.setHeader('X-Frame-Options', 'DENY');
+					res.setHeader('X-Frame-Options', 'SAMEORIGIN');
 					next();
 				});