From 2be42d0a84905f126566c87dc67ca9130d551430 Mon Sep 17 00:00:00 2001
From: Philipp Rothmann
Date: Tue, 11 Oct 2022 16:12:04 +0200
Subject: [PATCH] fix frame ancestors
---
 nginx.conf.tmpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/nginx.conf.tmpl b/nginx.conf.tmpl
index befb5a7..f0e8219 100644
--- a/nginx.conf.tmpl
+++ b/nginx.conf.tmpl
@@ -67,8 +67,7 @@ http {
 add_header X-XSS-Protection "1; mode=block" always;
 {{ if eq (env "X_FRAME_OPTIONS_ENABLED") "1" }}
- add_header X-Frame-Options "{{ env "X_FRAME_OPTIONS_ALLOW_FROM" }}" always;
- add_header Content-Security-Policy "frame-ancestors {{ env "X_FRAME_OPTIONS_ALLOW_FROM" }}";
+ add_header Content-Security-Policy "frame-ancestors {{ env "X_FRAME_OPTIONS_ALLOW_FROM" }} {{ env "DOMAIN" }}";
 {{ else }}
 add_header X-Frame-Options "SAMEORIGIN" always;
 {{ end }}
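Review bot: The new `Content-Security-Policy` line in the enabled branch is added without `always`, so nginx will leave it off most 4xx/5xx responses, while the `X-Frame-Options "SAMEORIGIN"` line in the else branch does carry `always`; with `X-Frame-Options` removed here, error pages in the enabled branch go out with no framing restriction at all. I would write it as `add_header Content-Security-Policy "frame-ancestors {{ env "X_FRAME_OPTIONS_ALLOW_FROM" }} {{ env "DOMAIN" }}" always;`. If `DOMAIN` is only there to permit same-origin framing, `'self'` would express that without depending on the variable being set and matching the served origin. The `http` block continues outside the hunk, so any `add_header` in nested `server` or `location` blocks, which would replace these inherited headers, is not visible here.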