From 32eba7ab7a1e500033be6f7c039be7574e1b01d0 Mon Sep 17 00:00:00 2001 From: Tienson Qin Date: Sun, 12 Dec 2021 17:24:26 +0800 Subject: [PATCH] fix: intercept on incoming requests to disable x-frame-options --- src/electron/electron/core.cljs | 5 ++++- src/electron/electron/utils.js | 18 ++++++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) create mode 100644 src/electron/electron/utils.js diff --git a/src/electron/electron/core.cljs b/src/electron/electron/core.cljs index 2b137c75d..b5439e502 100644 --- a/src/electron/electron/core.cljs +++ b/src/electron/electron/core.cljs @@ -15,7 +15,8 @@ ["electron-window-state" :as windowStateKeeper] [clojure.core.async :as async] [electron.state :as state] - [electron.git :as git])) + [electron.git :as git] + ["/electron/utils" :as utils])) (defonce LSP_SCHEME "lsp") (defonce LSP_PROTOCOL (str LSP_SCHEME "://")) @@ -295,6 +296,8 @@ *quitting? (atom false)] (.. logger (info (str "Logseq App(" (.getVersion app) ") Starting... "))) + (utils/disableXFrameOptions win) + (when (search/version-changed?) (search/rm-search-dir!)) diff --git a/src/electron/electron/utils.js b/src/electron/electron/utils.js new file mode 100644 index 000000000..4782124f0 --- /dev/null +++ b/src/electron/electron/utils.js @@ -0,0 +1,18 @@ +// workaround from https://github.com/electron/electron/issues/426#issuecomment-658901422 +// We set an intercept on incoming requests to disable x-frame-options +// headers. + +export const disableXFrameOptions = (win) => { + win.webContents.session.webRequest.onHeadersReceived({ urls: [ "*://*/*" ] }, + (d, c)=>{ + if(d.responseHeaders['X-Frame-Options']){ + delete d.responseHeaders['X-Frame-Options']; + } else if(d.responseHeaders['x-frame-options']) { + delete d.responseHeaders['x-frame-options']; + } + + c({cancel: false, responseHeaders: d.responseHeaders}); + } + ); + +};