Merge pull request #4461 from pi-hole/qr_iframe

Companion to pi-hole/adminlte #1996
This commit is contained in:
DL6ER 2021-12-20 21:51:05 +01:00 committed by GitHub
commit 3a67d1cf8d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 4 deletions

View file

@ -85,8 +85,8 @@ $HTTP["url"] =~ "^/admin/\.(.*)" {
url.access-deny = ("") url.access-deny = ("")
} }
# allow teleporter iframe on settings page # allow teleporter and API qr code iframe on settings page
$HTTP["url"] =~ "/teleporter\.php$" { $HTTP["url"] =~ "/(teleporter|api_token)\.php$" {
$HTTP["referer"] =~ "/admin/settings\.php" { $HTTP["referer"] =~ "/admin/settings\.php" {
setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" ) setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
} }

View file

@ -93,8 +93,8 @@ $HTTP["url"] =~ "^/admin/\.(.*)" {
url.access-deny = ("") url.access-deny = ("")
} }
# allow teleporter iframe on settings page # allow teleporter and API qr code iframe on settings page
$HTTP["url"] =~ "/teleporter\.php$" { $HTTP["url"] =~ "/(teleporter|api_token)\.php$" {
$HTTP["referer"] =~ "/admin/settings\.php" { $HTTP["referer"] =~ "/admin/settings\.php" {
setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" ) setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
} }