|
|
|
@ -77,6 +77,7 @@ const port = parseInt(process.env.UPTIME_KUMA_PORT || process.env.PORT || args.p
|
|
|
|
|
// SSL
|
|
|
|
|
const sslKey = process.env.UPTIME_KUMA_SSL_KEY || process.env.SSL_KEY || args["ssl-key"] || undefined;
|
|
|
|
|
const sslCert = process.env.UPTIME_KUMA_SSL_CERT || process.env.SSL_CERT || args["ssl-cert"] || undefined;
|
|
|
|
|
const disableFrameSameOrigin = !!process.env.UPTIME_KUMA_DISABLE_FRAME_SAMEORIGIN || false;
|
|
|
|
|
|
|
|
|
|
// 2FA / notp verification defaults
|
|
|
|
|
const twofa_verification_opts = {
|
|
|
|
@ -121,7 +122,9 @@ app.use(express.json());
|
|
|
|
|
|
|
|
|
|
// Global Middleware
|
|
|
|
|
app.use(function (req, res, next) {
|
|
|
|
|
res.setHeader("X-Frame-Options", "SAMEORIGIN");
|
|
|
|
|
if (disableFrameSameOrigin) {
|
|
|
|
|
res.setHeader("X-Frame-Options", "SAMEORIGIN");
|
|
|
|
|
}
|
|
|
|
|
res.removeHeader("X-Powered-By");
|
|
|
|
|
next();
|
|
|
|
|
});
|
|
|
|
|