opnform/client/server/plugins/embeddable.js

14 lines
519 B
JavaScript
Raw Normal View History

2024-01-12 10:35:50 +00:00
export default defineNitroPlugin(nitroApp => {
nitroApp.hooks.hook('render:response', (response, { event }) => {
2024-01-12 10:44:59 +00:00
const routePath = event.node?.req?.url || event.node?.req?.originalUrl
// const routePath= event.context.params._
2024-01-12 11:00:01 +00:00
if (routePath && !routePath.startsWith('/forms/')) {
2024-01-16 10:23:16 +00:00
console.error('Not a form, setting X-Frame-Options', routePath)
2024-01-12 10:35:50 +00:00
// Only allow embedding of forms
response.headers['X-Frame-Options'] = 'sameorigin'
}
2024-01-12 11:00:01 +00:00
delete response.headers['x-powered-by']
2024-01-12 10:35:50 +00:00
})
})