From f3a3fb047ef01286da31e92c5ab2c258135407d2 Mon Sep 17 00:00:00 2001
From: Alex Tselegidis <alextselegidis@gmail.com>
Date: Wed, 8 Mar 2023 10:48:37 +0100
Subject: [PATCH] Add the X-Frame-Options header to the app

---
 application/config/routes.php | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/application/config/routes.php b/application/config/routes.php
index 5249eee4..15ab0ef5 100644
--- a/application/config/routes.php
+++ b/application/config/routes.php
@@ -57,6 +57,22 @@ $route['404_override'] = '';
 
 $route['translate_uri_dashes'] = FALSE;
 
+/*
+| -------------------------------------------------------------------------
+| FRAME OPTIONS HEADERS
+| -------------------------------------------------------------------------
+| Set the appropriate headers so that iframe control and permissions are 
+| properly configured.
+|
+| Options:
+|
+|   - DENY 
+|   - SAMEORIGIN 
+|
+*/
+
+header('X-Frame-Options: SAMEORIGIN');
+
 /*
 | -------------------------------------------------------------------------
 | CORS HEADERS