Skip to content

Commit bd2a31b

Browse files
committed
Add X-Frame-Options: DENY header
1 parent 8b6aec3 commit bd2a31b

File tree

1 file changed

+6
-1
lines changed

1 file changed

+6
-1
lines changed

Diff for: src/pyload/webui/app/__init__.py

+6-1
Original file line numberDiff line numberDiff line change
@@ -60,11 +60,16 @@ def _configure_themes(cls, app, path_prefix=""):
6060
@classmethod
6161
def _configure_handlers(cls, app):
6262
"""
63-
Register error handlers.
63+
Register app handlers.
6464
"""
6565
for exc, fn in cls.FLASK_ERROR_HANDLERS:
6666
app.register_error_handler(exc, fn)
6767

68+
@app.after_request
69+
def deny_iframe(response):
70+
response.headers["X-Frame-Options"] = "DENY"
71+
return response
72+
6873
@classmethod
6974
def _configure_json_encoding(cls, app):
7075
app.json_encoder = JSONEncoder

0 commit comments

Comments
 (0)