v8.0

+ DietPi-Software | Pi-hole: Pro-actively add API QR code X-Frame-Options header

.conf/dps_93/apache.pihole.conf

@@ -12,13 +12,13 @@
 	Header set X-Pi-hole "The Pi-hole Web interface is working!"
 	Header set X-Frame-Options "DENY"
 
-	# Allow teleporter iframe on settings page
-	<Files teleporter.php>
+	# Allow teleporter and API QR code iframes on settings page
+	<FilesMatch "^(teleporter|api_token)\.php$">
 		Header set X-Frame-Options "SAMEORIGIN" "expr=%{HTTP_REFERER} =~ m#/admin/settings\.php#"
 	</Files>
 
 	# Block . files from being served, such as .git, .github, .gitignore
-	<Files ~ "^\.">
+	<FilesMatch "^\.">
 		Require all denied
 	</Files>
 

.conf/dps_93/lighttpd.pihole.conf

@@ -8,8 +8,8 @@ $HTTP["url"] =~ "^(/html)?/admin/" {
 		"X-Frame-Options" => "DENY"
 	)
 
-	# Allow teleporter iframe on settings page
-	$HTTP["url"] =~ "/teleporter\.php$" {
+	# Allow teleporter and API QR code iframes on settings page
+	$HTTP["url"] =~ "/(teleporter|api_token)\.php$" {
 		$HTTP["referer"] =~ "/admin/settings\.php" {
 			setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
 		}

.conf/dps_93/nginx.pihole.conf

@@ -1,7 +1,7 @@
 # Based on: https://github.com/pi-hole/pi-hole/blob/master/advanced/lighttpd.conf.debian
 
-# Allow teleporter iframe on settings page
-location ~ ^(?:/html|)/admin/scripts/pi-hole/php/teleporter\.php$ {
+# Allow teleporter and API QR code iframes on settings page
+location ~ ^(?:/html|)/admin/scripts/pi-hole/php/(?:teleporter|api_token)\.php$ {
 	# PHP handler block
 	fastcgi_pass php;
 	include snippets/fastcgi-php.conf;