fix: update X-Frame-Options to Content-Security-Policy for enhanced security

This commit is contained in:
Nik Afiq 2026-05-12 23:10:49 +09:00
parent d674fa9ddc
commit 8381be79e2

View File

@ -113,7 +113,7 @@ spec:
self.send_response(200)
self.send_header('Content-Type', 'text/html')
self.send_header('Content-Length', len(body))
self.send_header('X-Frame-Options', 'SAMEORIGIN')
self.send_header('Content-Security-Policy', 'frame-ancestors *')
self.end_headers()
self.wfile.write(body)
def log_message(self, *a): pass