f88adb9180
no issue
- by default the `/ghost/` route will add an `x-frame-options: sameorigin` header to the response to help protect the admin area against clickjacking
- the header can be disabled by adding `"adminFrameProtection": false` to the `config.{env}.json` configuration file
Credits: Muhammad Fawwad Obaida
|
||
|---|---|---|
| .. | ||
| admin | ||
| api/v2/content | ||
| middleware | ||
| shared/middleware | ||
| parent-app_spec.js | ||
| utils_spec.js | ||