add env var: UPTIME_KUMA_DISABLE_FRAME_SAMEORIGIN

pull/745/head
Louis Lam 2 years ago
parent c57c94642c
commit 5c3892313e

@ -31,14 +31,15 @@ WORKDIR /
RUN apt update && \
apt --yes install curl file
COPY --from=build /app /app
ARG VERSION=1.9.1
ARG GITHUB_TOKEN
ARG TARGETARCH
ARG PLATFORM=debian
ARG VERSION=1.9.0
ARG FILE=$PLATFORM-$TARGETARCH-$VERSION.tar.gz
ARG DIST=dist.tar.gz
COPY --from=build /app /app
RUN chmod +x /app/extra/upload-github-release-asset.sh
# Full Build

@ -77,6 +77,7 @@ const port = parseInt(process.env.UPTIME_KUMA_PORT || process.env.PORT || args.p
// SSL
const sslKey = process.env.UPTIME_KUMA_SSL_KEY || process.env.SSL_KEY || args["ssl-key"] || undefined;
const sslCert = process.env.UPTIME_KUMA_SSL_CERT || process.env.SSL_CERT || args["ssl-cert"] || undefined;
const disableFrameSameOrigin = !!process.env.UPTIME_KUMA_DISABLE_FRAME_SAMEORIGIN || false;
// 2FA / notp verification defaults
const twofa_verification_opts = {
@ -121,7 +122,9 @@ app.use(express.json());
// Global Middleware
app.use(function (req, res, next) {
res.setHeader("X-Frame-Options", "SAMEORIGIN");
if (disableFrameSameOrigin) {
res.setHeader("X-Frame-Options", "SAMEORIGIN");
}
res.removeHeader("X-Powered-By");
next();
});

Loading…
Cancel
Save