From 61e852da6057ab54c94506ff3b8cb6e021b524d8 Mon Sep 17 00:00:00 2001
From: Alek Ratzloff <alekratz@gmail.com>
Date: Fri, 10 Jun 2022 18:38:05 -0700
Subject: [PATCH] Allow SAMEORIGIN for X-Frame-Options

This was causing issues for iframes used by the Winbox library, it's
now fixed.

Signed-off-by: Alek Ratzloff <alekratz@gmail.com>
---
 threadchat/settings.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/threadchat/settings.py b/threadchat/settings.py
index 8ce6033..ccd4860 100644
--- a/threadchat/settings.py
+++ b/threadchat/settings.py
@@ -126,6 +126,9 @@ STATIC_URL = "static/"
 # Default primary key field type
 # https://docs.djangoproject.com/en/4.0/ref/settings/#default-auto-field
 
+# X-Frame-Options header from XFrameOptionsMiddleware
+X_FRAME_OPTIONS = "SAMEORIGIN"
+
 DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
 
 # Media root - where media files are stored on the disk