tbarnouin/nixos-hypervisor
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Allow x-frame on same origin in order for jellyfin SSO to work

Browse source
This commit is contained in:
Théo Barnouin 2024-10-16 12:13:08 +02:00
parent a420f97a2a
commit cf429a8041
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
services/nginx/default.nix
View file

@ -63,7 +63,7 @@ in
add_header 'Referrer-Policy' 'origin-when-cross-origin'; add_header 'Referrer-Policy' 'origin-when-cross-origin';
# Disable embedding as a frame # Disable embedding as a frame
add_header X-Frame-Options DENY; add_header X-Frame-Options SAMEORIGIN;
# Prevent injection of code in other mime types (XSS Attacks) # Prevent injection of code in other mime types (XSS Attacks)
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;