mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-11-14 02:24:31 +00:00
Update StatusController
This commit is contained in:
parent
6c97b2162c
commit
026b59f025
3 changed files with 28 additions and 1 deletions
|
@ -95,7 +95,7 @@ class StatusController extends Controller
|
||||||
$showCaption = $request->filled('caption') && $request->caption !== false;
|
$showCaption = $request->filled('caption') && $request->caption !== false;
|
||||||
$layout = $request->filled('layout') && $request->layout == 'compact' ? 'compact' : 'full';
|
$layout = $request->filled('layout') && $request->layout == 'compact' ? 'compact' : 'full';
|
||||||
$content = view('status.embed', compact('status', 'showLikes', 'showCaption', 'layout'));
|
$content = view('status.embed', compact('status', 'showLikes', 'showCaption', 'layout'));
|
||||||
return response($content)->withHeaders(['x-frame-options' => 'ALLOWALL']);
|
return response($content)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function showObject(Request $request, $username, int $id)
|
public function showObject(Request $request, $username, int $id)
|
||||||
|
|
|
@ -29,6 +29,7 @@ class Kernel extends HttpKernel
|
||||||
protected $middlewareGroups = [
|
protected $middlewareGroups = [
|
||||||
'web' => [
|
'web' => [
|
||||||
\App\Http\Middleware\EncryptCookies::class,
|
\App\Http\Middleware\EncryptCookies::class,
|
||||||
|
\App\Http\Middleware\FrameGuard::class,
|
||||||
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
|
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
|
||||||
\Illuminate\Session\Middleware\StartSession::class,
|
\Illuminate\Session\Middleware\StartSession::class,
|
||||||
// \Illuminate\Session\Middleware\AuthenticateSession::class,
|
// \Illuminate\Session\Middleware\AuthenticateSession::class,
|
||||||
|
|
26
app/Http/Middleware/FrameGuard.php
Normal file
26
app/Http/Middleware/FrameGuard.php
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace App\Http\Middleware;
|
||||||
|
|
||||||
|
use Closure;
|
||||||
|
|
||||||
|
class FrameGuard
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Handle an incoming request.
|
||||||
|
*
|
||||||
|
* @param \Illuminate\Http\Request $request
|
||||||
|
* @param \Closure $next
|
||||||
|
* @return mixed
|
||||||
|
*/
|
||||||
|
public function handle($request, Closure $next)
|
||||||
|
{
|
||||||
|
$response = $next($request);
|
||||||
|
|
||||||
|
if (!$response->headers->has('X-Frame-Options')) {
|
||||||
|
$response->headers->set('X-Frame-Options', 'SAMEORIGIN', false);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue