From ed9f003d50c6e95ab9b7f6328503c0e58a93860c Mon Sep 17 00:00:00 2001
From: smart_ex <sergei.smart@gmail.com>
Date: Tue, 12 Apr 2022 19:36:40 +1000
Subject: [PATCH] block iframe

---
 src/router.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/router.js b/src/router.js
index 24d541c..469da1c 100644
--- a/src/router.js
+++ b/src/router.js
@@ -4,6 +4,7 @@ const router = require('express').Router()
 
 // Add CORS headers
 router.use((req, res, next) => {
+  res.header('X-Frame-Options', 'DENY')
   res.header('Access-Control-Allow-Origin', '*')
   res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept')
   next()