hyperzlib
/
nodebb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Disable framing

Browse Source 
Set the X-Frame-Options to DENY for added security.
v1.18.x
Jet 11 years ago
parent 6c3e121b6c
commit 73dafa6aff
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File

4
src/webserver.js
Unescape Escape View File

@ -112,6 +112,10 @@ var express = require('express'),
app.use(function (req, res, next) { app.use(function (req, res, next) {
nconf.set('https', req.secure); nconf.set('https', req.secure);
res.locals.csrf_token = req.session._csrf; res.locals.csrf_token = req.session._csrf;
// Disable framing
res.setHeader "x-frame-options", "DENY"
next(); next();
}); });

Write Preview
Loading…
Cancel
Save