Setting up Iframe protection #1178
Conversation
|
@enmaboya if you pull in master, it should fix the issue with the allowed plugins error but you'll need to fix the linting issue still. |
|
@Kyon147 linting has been updated |
|
Thanks @enmaboya Could you also write a test for your new code, as the coverage drops by 1% due to the file being included.
We should be good after a test it written that covers your new code. |
|
@Kyon147 test added |
|
Thanks for your work on this @enmaboya 👍 @osiset can you take a look at approve too, it will be good to get this out with laravel 9 as this blocks app store approvals at the moment without the iframe protection. |
|
@Kyon147 Just reviewed it, I am good with it to merged in! |
|
Thanks @osiset will sort it out later to master and it can be part of the next release candidate for laravel 9 support. Will sort v17.2.0 next week so we can have the new version out. |
At the moment, if you do not set some of the headers, the application will not pass the review.
This header (frame-ancestors) allows you to open the application in an iframe only from an allowed domain