X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server.ts;h=2531080a30819902b2063b90c6af097d454a8452;hb=2c94afe23d8b5d14e03d80b028d2f7f6efd2857e;hp=f44202c9af982bb294dd5563049c40046aa50809;hpb=903353d67a8d0fdda8465ed6c57b77a9a5afbe92;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server.ts b/server.ts
index f44202c9a..2531080a3 100644
--- a/server.ts
+++ b/server.ts
@@ -59,11 +59,11 @@ import { baseCSP } from './server/middlewares/csp'
 
 if (CONFIG.CSP.ENABLED) {
   app.use(baseCSP)
-  app.use(helmet({
-    frameguard: {
-      action: 'deny' // we only allow it for /videos/embed, see server/controllers/client.ts
-    },
-    hsts: false
+}
+
+if (CONFIG.SECURITY.FRAMEGUARD.ENABLED) {
+  app.use(helmet.frameguard({
+    action: 'deny' // we only allow it for /videos/embed, see server/controllers/client.ts
   }))
 }