Fix user impersonation

client/server/plugins/embeddable.js

@@ -3,6 +3,7 @@ export default defineNitroPlugin(nitroApp => {
     const routePath = event.node?.req?.url || event.node?.req?.originalUrl
     // const routePath= event.context.params._
     if (routePath && !routePath.startsWith('/forms/')) {
+      console.error('Not a form, setting X-Frame-Options', routePath)
       // Only allow embedding of forms
       response.headers['X-Frame-Options'] = 'sameorigin'
     }