Skip to content

Commit

Permalink
Fix X-Frame-Option to prevent clickjacking (#559)
Browse files Browse the repository at this point in the history
  • Loading branch information
@jakubno
jakubno authored Jan 29, 2025
2 parents dde83b7 + b31dd7b commit e8e4cab
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions apps/web/next.config.mjs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,16 @@ const codeSnippetsDir = path.resolve('./src/code')
const nextConfig = {
pageExtensions: ['js', 'jsx', 'ts', 'tsx', 'mdx'],
basePath: '',
headers: async () => [
{
source: '/:path*',
headers: [{
// config to prevent the browser from rendering the page inside a frame or iframe and avoid clickjacking http://en.wikipedia.org/wiki/Clickjacking
key: 'X-Frame-Options',
value: 'SAMEORIGIN'
}],
}
],
webpack: config => {
const codeFilesHash = getFilesHash(codeSnippetsDir)
config.cache.version = config.cache.version + delimiter + codeFilesHash
Expand Down

0 comments on commit e8e4cab

Please sign in to comment.