Skip to content

Commit d9bc439

Browse files
luizrrodriguesluizrrodrigues
committed
DocuSign request, remove X-Frame_Options
1 parent ccf1c9b commit d9bc439

File tree

1 file changed

+1
-13
lines changed

1 file changed

+1
-13
lines changed

src/server/index.js

Lines changed: 1 addition & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -212,19 +212,7 @@ async function onExpressJsSetup(server) {
212212
server.use(
213213
'/community-app-assets/iframe-break',
214214
(req, res) => {
215-
const allowedOrigins = [
216-
`https://${config.URL.COMMUNITY_APP}`,
217-
`https://${config.URL.PLATFORM_SITE_URL}`,
218-
];
219-
const { origin } = req.headers;
220-
if (allowedOrigins.includes(origin)) {
221-
res.header('Access-Control-Allow-Origin', origin);
222-
}
223-
res.header('Access-Control-Allow-Methods', 'GET,HEAD,OPTIONS');
224-
res.header(
225-
'Access-Control-Allow-Headers',
226-
'Origin, X-Requested-With, Content-Type, Accept, Authorization',
227-
);
215+
res.removeHeader('X-Frame-Options');
228216
res.send(`<script>parent.postMessage(${serializeJs({ ...req.query, type: 'DocuSign' })}, '*')</script>`);
229217
},
230218
);

0 commit comments

Comments
 (0)