rdelaage
/
castopod
mirror of https://code.castopod.org/adaures/castopod.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(embeddable-player): enable any ancestor when X-Frame-Options is set on server

This commit is contained in:
Benjamin Bellamy 2021-03-01 15:59:07 +01:00
parent 4e5b11ba5f
commit 44a4962e0b
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Controllers/Episode.php
View File

@ -88,6 +88,8 @@ class Episode extends BaseController
public function embeddablePlayer($theme = 'light-transparent')
{
header('Content-Security-Policy: frame-ancestors https://* http://*');
self::triggerWebpageHit($this->episode->podcast_id);
$session = \Config\Services::session();