mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-03-29 04:23:34 +01:00
5 lines
405 B
Django/Jinja
5 lines
405 B
Django/Jinja
add_header X-Frame-Options "SAMEORIGIN" always; # Allow iframe embedding only from the same origin
|
|
{% if landingpage_iframe_enabled | default(applications.get(application_id).get('landingpage_iframe_enabled')) | bool %}
|
|
add_header Content-Security-Policy "frame-ancestors {{primary_domain}};" always; # Restrict embedding to the specified primary domain
|
|
{% endif %}
|