aljaz/btcpayserver
1
0
Fork 0
mirror of https://github.com/aljazceru/btcpayserver.git synced 2025-12-18 22:44:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add CSP (Disable it if custom theming)

Browse Source
This commit is contained in:
nicolas.dorier
2018-07-12 17:38:21 +09:00
parent 6ea2d9175d
commit 976d9d0cda
12 changed files with 308 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
BTCPayServer/Filters/XFrameOptionsAttribute.cs
View File

@@ -23,11 +23,7 @@ namespace BTCPayServer.Filters
public void OnActionExecuting(ActionExecutingContext context)
{
var existing = context.HttpContext.Response.Headers["X-Frame-Options"].FirstOrDefault();
if (existing != null && Value == null)
context.HttpContext.Response.Headers.Remove("X-Frame-Options");
else
context.HttpContext.Response.Headers["X-Frame-Options"] = Value;
context.HttpContext.Response.SetHeaderOnStarting("X-Frame-Options", Value);
}
}
}