f88adb9180
no issue
- by default the `/ghost/` route will add an `x-frame-options: sameorigin` header to the response to help protect the admin area against clickjacking
- the header can be disabled by adding `"adminFrameProtection": false` to the `config.{env}.json` configuration file
Credits: Muhammad Fawwad Obaida
|
||
|---|---|---|
| .. | ||
| views | ||
| app.js | ||
| controller.js | ||
| index.js | ||
| middleware.js | ||
| serviceworker.js | ||