From 5af083ab6ca093472401aa1ce091020233384570 Mon Sep 17 00:00:00 2001
From: Jack <bartnikjack@gmail.com>
Date: Fri, 12 Nov 2021 17:13:10 +0000
Subject: [PATCH] added headers to prevent clickjacking

---
 firebase.json | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/firebase.json b/firebase.json
index ad07f9f4d..9bd8e0519 100644
--- a/firebase.json
+++ b/firebase.json
@@ -13,6 +13,18 @@
       }
     ],
     "cleanUrls": true,
-    "trailingSlash": false
+    "trailingSlash": false,
+    "headers": [
+      {
+        "source": "**/*",
+        "headers": [
+          {
+            "key": "Content-Security-Policy",
+            "value": "frame-ancestors 'none'"
+          },
+          { "key": "X-Frame-Options", "value": "DENY" }
+        ]
+      }
+    ]
   }
 }