glenux-contrib/metamaps--metamaps
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

allow embedding

Browse source
This commit is contained in:
Devin Howard 2016-02-19 09:23:39 +08:00
parent 5dc32186e8
commit 7b9c6459e3
1 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
app/controllers/application_controller.rb
View file

@ -2,6 +2,7 @@ class ApplicationController < ActionController::Base
protect_from_forgery protect_from_forgery
before_filter :get_invite_link before_filter :get_invite_link
after_action :allow_embedding
# this is for global login # this is for global login
include ContentHelper include ContentHelper
@ -69,4 +70,11 @@ private
safe_uri = (unsafe_uri.match(valid_url)) ? unsafe_uri : '//metamaps.cc/' safe_uri = (unsafe_uri.match(valid_url)) ? unsafe_uri : '//metamaps.cc/'
@invite_link = "#{safe_uri}join" + (current_user ? "?code=#{current_user.code}" : "") @invite_link = "#{safe_uri}join" + (current_user ? "?code=#{current_user.code}" : "")
end end
def allow_embedding
#allow all
response.headers.except! 'X-Frame-Options'
# or allow a whitelist
# response.headers['X-Frame-Options'] = 'ALLOW-FROM http://blog.metamaps.cc'
end
end end