From a24d45e5fece01a347e07757aff919567479fc85 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Tue, 17 Oct 2017 08:56:10 +0000
Subject: [PATCH] Seems people meant the pagure.io frame

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 roles/pagure/frontend/templates/securityheaders.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/pagure/frontend/templates/securityheaders.conf b/roles/pagure/frontend/templates/securityheaders.conf
index 39b1b32a40..28ce0665cf 100644
--- a/roles/pagure/frontend/templates/securityheaders.conf
+++ b/roles/pagure/frontend/templates/securityheaders.conf
@@ -1,4 +1,4 @@
-Header always set X-Frame-Options "SAMEORIGIN"
+Header always set X-Frame-Options "ALLOW FROM https://pagure.io/"
 Header always set X-Xss-Protection "1; mode=block"
 Header always set X-Content-Type-Options "nosniff"
 Header always set Referrer-Policy "same-origin"