From 403bcea3858e1ad8d33df7d8cc58653e5557a487 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?= <duesterhus@woltlab.com>
Date: Thu, 19 May 2022 10:36:22 +0200
Subject: [PATCH] Add `x-frame-options` response header to PSR-7 responses in
 RequestHandler

---
 .../install/files/lib/system/request/RequestHandler.class.php   | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/wcfsetup/install/files/lib/system/request/RequestHandler.class.php b/wcfsetup/install/files/lib/system/request/RequestHandler.class.php
index 252ed5c7b6..44a316117e 100644
--- a/wcfsetup/install/files/lib/system/request/RequestHandler.class.php
+++ b/wcfsetup/install/files/lib/system/request/RequestHandler.class.php
@@ -145,6 +145,8 @@ class RequestHandler extends SingletonFactory
             \implode(', ', $cacheControl)
         );
 
+        $response->withHeader('x-frame-options', 'SAMEORIGIN');
+
         $emitter = new SapiEmitter();
         $emitter->emit($response);
     }
-- 
2.20.1