Skip to content

3.8.4.2
Compare
Choose a tag to compare
@afbora afbora released this 10 Aug 19:25
3.8.4.2
844cc00
This commit was signed with the committer’s verified signature.
afbora Ahmet Bora
GPG key ID: 1D3CACF0747E95C2
Learn about vigilant mode.

🎉 Features

The Content-Security-Policy: frame-ancestors header sent by the Panel (introduced in 3.8.4.1) can now be customized with an option if needed:

return [
  'panel' => [
    // allow frame embedding from the same domain
    'frameAncestors' => true,

    // allow frame embedding from the same *and* from the specified domains
    'frameAncestors' => ['*.example.com', 'https://example.com'],

    // allow frame embedding on any domain (not recommended)
    'frameAncestors' => '*',
  ]
];
Assets 2