add x-frame headers

9678a1d4 · David McMullin · 9723c4ab · 9678a1d4 · 9678a1d4
Commit 9678a1d4 authored Nov 18, 2012 by David McMullin
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 0 deletions

Gemfile Gemfile +4 -0

config.ru config.ru +2 -0

No files found.
--- a/Gemfile
+++ b/Gemfile
@@ -12,6 +12,10 @@ gem 'rails_autolink', '1.0.9'

 gem 'rack-cors', '0.2.7', :require => 'rack/cors'

+# click-jacking protection
+
+gem 'rack-protection', '1.2'
+
 # authentication

 gem 'devise', '2.1.2'

--- a/config.ru
+++ b/config.ru
@@ -14,4 +14,6 @@ if defined?(Unicorn)
 end
 use Rack::Deflater
 use Rack::ChromeFrame, :minimum => 8
+use Rack::Protection::FrameOptions
+
 run Diaspora::Application