Add X-Frame-Options header to prevent clickjacking

LibrePhotos · Oct 3, 2024 · 92dc5a6 · 92dc5a6
1 parent 6fb13d5
commit 92dc5a6
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/proxy/nginx.conf b/proxy/nginx.conf
@@ -10,6 +10,8 @@ events {
 http {
   server {
     listen 80;
+
+    add_header X-Frame-Options "DENY";
 
     location / {
       # React routes are entirely on the App side in the web browser