Ingress: clear X-Frame-Options header from responses. This enables applications to be loaded in iframes. Although it does sacrifice security a bit. https: //developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options Change-Id: Ibb5568b5461bbe001106724a0cf64ec25e7fd4ce

commit: db274d18bded70f68a886f4943fcc47dd54e22d5 [log] [tgz]
author: gio <gio@v1.dodo.cloud> Fri Apr 19 11:53:18 2024 +0400
committer: gio <gio@v1.dodo.cloud> Fri Apr 19 19:44:51 2024 +0400
tree: 0fc01ff5833969727404310e00fcffb50081cd11
parent: 3cdee59de09438ef564aec0eb4975b51bedc24b0 [diff] [blame]
diff --git a/core/installer/values-tmpl/private-network.cue b/core/installer/values-tmpl/private-network.cue
index bc58a9f..156b078 100644
--- a/core/installer/values-tmpl/private-network.cue
+++ b/core/installer/values-tmpl/private-network.cue

@@ -84,7 +84,11 @@
 					controllerValue: "k8s.io/\(_ingressPrivate)"
 				}
 				config: {
+					"proxy-body-size": "200M" // TODO(giolekva): configurable
 					"force-ssl-redirect": "true"
+					"server-snippet": """
+					more_clear_headers "X-Frame-Options";
+					"""
 				}
 				extraArgs: {
 					"default-ssl-certificate": "\(_ingressPrivate)/cert-wildcard.\(global.privateDomain)"
commit	db274d18bded70f68a886f4943fcc47dd54e22d5	[log] [tgz]
author	gio <gio@v1.dodo.cloud>	Fri Apr 19 11:53:18 2024 +0400
committer	gio <gio@v1.dodo.cloud>	Fri Apr 19 19:44:51 2024 +0400
tree	0fc01ff5833969727404310e00fcffb50081cd11
parent	3cdee59de09438ef564aec0eb4975b51bedc24b0 [diff] [blame]