From 30af31b319309ac20a08565873a731fe2288b963 Mon Sep 17 00:00:00 2001
From: Dmitry Lebedko <lebedko.dmitrii@gmail.com>
Date: Mon, 15 Jul 2019 18:38:34 +0300
Subject: [PATCH] Apache configuration file was changed to always set the
 header `X-Frame-Options` to `sameorigin` to prevent clickjacking attacks.
 (#122)

---
 src/docker/httpd.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/docker/httpd.conf b/src/docker/httpd.conf
index 9985b49..5c3dc38 100644
--- a/src/docker/httpd.conf
+++ b/src/docker/httpd.conf
@@ -570,3 +570,5 @@ SSLRandomSeed startup builtin
 SSLRandomSeed connect builtin
 </IfModule>
 
+Header onsuccess unset X-Frame-Options
+Header always set X-Frame-Options "sameorigin"