fix: Issue with electron not displaying site

LukeGus
2025-10-31 14:47:13 -05:00
parent 0a125a3246
commit 79419420bf
3 changed files with 40 additions and 3 deletions


@@ -23,13 +23,15 @@ http {
listen ${PORT}; listen ${PORT};
server_name localhost; server_name localhost;
add_header X-Frame-Options DENY always; # X-Frame-Options removed to allow Electron iframe embedding
# add_header X-Frame-Options DENY always;
add_header X-Content-Type-Options nosniff always; add_header X-Content-Type-Options nosniff always;
add_header X-XSS-Protection "1; mode=block" always; add_header X-XSS-Protection "1; mode=block" always;
location / { location / {
root /usr/share/nginx/html; root /usr/share/nginx/html;
index index.html index.htm; index index.html index.htm;
try_files $uri $uri/ /index.html;
} }
location ~* \.map$ { location ~* \.map$ {
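Review bot: Commenting out `add_header X-Frame-Options DENY always;` in the server block drops framing protection for every client served by this nginx, not only the Electron app, so the site can now be framed by any origin in an ordinary browser. The Electron change in this same commit already strips `X-Frame-Options` and `frame-ancestors` on the client side, which suggests the server header could stay as it was. If the site only needs to frame itself, `add_header Content-Security-Policy "frame-ancestors 'self'" always;` is a narrower replacement than having no framing policy. The server block continues outside the hunk, so any other framing policy set there is not visible.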


@@ -64,6 +64,41 @@ function createWindow() {
mainWindow.loadFile(indexPath); mainWindow.loadFile(indexPath);
} }
// Allow iframes to load from any origin by removing X-Frame-Options headers
mainWindow.webContents.session.webRequest.onHeadersReceived(
(details, callback) => {
const headers = details.responseHeaders;
// Remove headers that block iframe embedding
if (headers) {
delete headers["x-frame-options"];
delete headers["X-Frame-Options"];
// Modify CSP to allow framing
if (headers["content-security-policy"]) {
headers["content-security-policy"] = headers["content-security-policy"]
.map(value => value.replace(/frame-ancestors[^;]*/gi, ''))
.filter(value => value.trim().length > 0);
if (headers["content-security-policy"].length === 0) {
delete headers["content-security-policy"];
}
}
if (headers["Content-Security-Policy"]) {
headers["Content-Security-Policy"] = headers["Content-Security-Policy"]
.map(value => value.replace(/frame-ancestors[^;]*/gi, ''))
.filter(value => value.trim().length > 0);
if (headers["Content-Security-Policy"].length === 0) {
delete headers["Content-Security-Policy"];
}
}
}
callback({ responseHeaders: headers });
}
);
mainWindow.once("ready-to-show", () => { mainWindow.once("ready-to-show", () => {
mainWindow.show(); mainWindow.show();
}); });
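Review bot: The `onHeadersReceived` handler is registered without any URL or resource-type condition, so it strips `X-Frame-Options` and `frame-ancestors` from every response in the window's session, and any page loaded in the app loses the anti-framing policy its server asked for. It should apply only to sub-frame responses from the configured server and pass everything else through untouched. Header names are case-insensitive, so matching two fixed spellings can miss other casings; looping over the keys and comparing lower-cased names also removes the duplicated CSP branch. In the sketch below `isConfiguredServerUrl` is a placeholder for whatever check the app has against the user's server origin. `createWindow` starts and ends outside the hunk.

```javascript
mainWindow.webContents.session.webRequest.onHeadersReceived(
  (details, callback) => {
    const headers = details.responseHeaders;
    // Relax framing only for the configured server's own frame documents.
    // isConfiguredServerUrl: placeholder, not defined in this hunk.
    if (
      !headers ||
      details.resourceType !== "subFrame" ||
      !isConfiguredServerUrl(details.url)
    ) {
      callback({ responseHeaders: headers });
      return;
    }
    for (const name of Object.keys(headers)) {
      const lower = name.toLowerCase();
      if (lower === "x-frame-options") {
        delete headers[name];
      } else if (lower === "content-security-policy") {
        const kept = headers[name]
          .map((value) => value.replace(/frame-ancestors[^;]*/gi, ""))
          .filter((value) => value.trim().length > 0);
        if (kept.length > 0) {
          headers[name] = kept;
        } else {
          delete headers[name];
        }
      }
    }
    callback({ responseHeaders: headers });
  }
);
```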


@@ -326,8 +326,8 @@ export function ElectronLoginForm({
src={serverUrl} src={serverUrl}
className="w-full h-full border-0" className="w-full h-full border-0"
title="Server Authentication" title="Server Authentication"
sandbox="allow-same-origin allow-scripts allow-forms allow-popups allow-popups-to-escape-sandbox allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation" sandbox="allow-same-origin allow-scripts allow-forms allow-popups allow-popups-to-escape-sandbox allow-storage-access-by-user-activation allow-top-navigation allow-top-navigation-by-user-activation allow-modals allow-downloads"
allow="clipboard-read; clipboard-write; cross-origin-isolated" allow="clipboard-read; clipboard-write; cross-origin-isolated; camera; microphone; geolocation"
/> />
</div> </div>
</div> </div>
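Review bot: The new `allow` value delegates `camera; microphone; geolocation` to whatever `serverUrl` points at, and the sandbox gains `allow-modals allow-downloads`, yet the frame is titled "Server Authentication" and nothing in the hunk shows a login flow that needs these. Because `serverUrl` looks like a user-configured remote, each extra token widens what that remote can request from inside the desktop app. This matters more if the main process has no permission request handler, which is not visible here. I would keep `allow="clipboard-read; clipboard-write; cross-origin-isolated"` as it was and add a token only when a concrete flow requires it, with a comment naming that flow. The enclosing `ElectronLoginForm` component starts and ends outside the hunk.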