2024-04-15 19:39:03 +02:00
|
|
|
export default defineNitroPlugin((nitroApp) => {
|
|
|
|
|
nitroApp.hooks.hook("render:response", (response, { event }) => {
|
2024-01-12 11:44:59 +01:00
|
|
|
const routePath = event.node?.req?.url || event.node?.req?.originalUrl
|
|
|
|
|
// const routePath= event.context.params._
|
2024-04-15 19:39:03 +02:00
|
|
|
if (routePath && !routePath.startsWith("/forms/")) {
|
2024-01-12 11:35:50 +01:00
|
|
|
// Only allow embedding of forms
|
2024-04-15 19:39:03 +02:00
|
|
|
response.headers["X-Frame-Options"] = "sameorigin"
|
2024-01-12 11:35:50 +01:00
|
|
|
}
|
2024-01-12 12:00:01 +01:00
|
|
|
|
2024-04-15 19:39:03 +02:00
|
|
|
delete response.headers["x-powered-by"]
|
2024-01-12 11:35:50 +01:00
|
|
|
})
|
|
|
|
|
})
|
