Skip to content

Instantly share code, notes, and snippets.

@jgwill
Created December 12, 2018 01:30
Show Gist options
  • Save jgwill/1631801422891161071c07ea53d35bbb to your computer and use it in GitHub Desktop.
Save jgwill/1631801422891161071c07ea53d35bbb to your computer and use it in GitHub Desktop.
Enable X-Frame-Options on express.js
const frameguard = require('frameguard')
// Don't allow me to be in ANY frames:
app.use(frameguard({ action: 'deny' }))
// Only let me be framed by people of the same origin:
app.use(frameguard({ action: 'sameorigin' }))
app.use(frameguard()) // defaults to sameorigin
// Allow from a specific host:
app.use(frameguard({
action: 'allow-from',
domain: 'http://example.com'
}))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment