Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
sealed class XFrameOptions {
object Deny : XFrameOptions() {
override fun toString() = "deny"
}
object SameOrigin : XFrameOptions() {
override fun toString() = "sameorigin"
}
class AllowFrom(val url: String) : XFrameOptions() {
override fun toString(): String = "allow-from $url"
}
}
routing {
route("api") {
applyFrameOptions(XFrameOptions.Deny)
get("fun1") { ... }
get("fun2") { ... }
}
route("some-part") {
route("a") {
applyFrameOptions(XFrameOptions.SameOrigin)
get("...") { ... }
}
route("b") {
applyFrameOptions(XFrameOptions.AllowFrom("https://jetbrains.com"))
get("...") { ... }
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment