rmorawski/standardnotes-app-web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

allow iframe

Browse Source
This commit is contained in:
Mo Bitar
2017-02-27 09:12:30 -06:00
parent b4821073cc
commit 7c01b22159
1 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
app/controllers/application_controller.rb
View File

@@ -1,10 +1,10 @@
class ApplicationController < ActionController::Base class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :null_session protect_from_forgery with: :null_session
after_action :set_csrf_cookie after_action :set_csrf_cookie
after_action :allow_iframe
layout :false layout :false
def frontend def frontend
@@ -13,8 +13,13 @@ class ApplicationController < ActionController::Base
rescue_from ActionView::MissingTemplate do |exception| rescue_from ActionView::MissingTemplate do |exception|
end end
protected protected
def allow_iframe
response.headers.except! 'X-Frame-Options'
end
def set_app_domain def set_app_domain
@appDomain = request.domain @appDomain = request.domain
@appDomain << ':' + request.port.to_s unless request.port.blank? @appDomain << ':' + request.port.to_s unless request.port.blank?