From 1dcf1f78bae75fbd0197b8884f03f7a21c73e88a Mon Sep 17 00:00:00 2001
From: Inex Code <inex.code@selfprivacy.org>
Date: Mon, 19 Feb 2024 15:12:17 +0300
Subject: [PATCH] test frame options

---
 sp-modules/bitwarden/module.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sp-modules/bitwarden/module.nix b/sp-modules/bitwarden/module.nix
index 5bd22f5..9b2d1c9 100644
--- a/sp-modules/bitwarden/module.nix
+++ b/sp-modules/bitwarden/module.nix
@@ -83,7 +83,7 @@ in
         add_header Strict-Transport-Security $hsts_header;
         #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
         add_header 'Referrer-Policy' 'origin-when-cross-origin';
-        add_header X-Frame-Options DENY;
+        add_header X-Frame-Options SAMEORIGIN;
         add_header X-Content-Type-Options nosniff;
         add_header X-XSS-Protection "1; mode=block";
         proxy_cookie_path / "/; secure; HttpOnly; SameSite=strict";