mirror of
https://github.com/MichMich/MagicMirror.git
synced 2025-06-27 11:50:00 +00:00
b9b7d2c95d
Many users like me do have the problem that they want to embed other sites to their mirror by "iframe". As some developers set the "x-frame-options" and "content-security-policy" for security reasons these sites can not be embedded. Electron provides the "webview" element additionally to "iframe" which allows to embed these sites although. The main difference is that a new process is started which handles the "webview" element. BUT: As the "webview" process needs to be started and is isolated "webview" is slower and the elements can not be accessed from the embedding website. As an alternative i implemented a small callback function in electron.js which removes the response headers that forbid the embedding. The removing can be controlled with the new config options: * ignoreXOriginHeader * ignoreContentSecurityPolicy