Skip to content

Commit

Permalink
enterprise/stages/authenticator_endpoint_gdtc: don't set frame option…
Browse files Browse the repository at this point in the history 
…s globally (cherry-pick #12311) (#12315)

enterprise/stages/authenticator_endpoint_gdtc: don't set frame options globally (#12311)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
  • Loading branch information
@gcp-cherry-pick-bot @BeryJu
gcp-cherry-pick-bot[bot] and BeryJu authored Dec 10, 2024
1 parent e760f73 commit 80441d2
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 1 deletion.
3 changes: 3 additions & 0 deletions authentik/enterprise/stages/authenticator_endpoint_gdtc/views/dtc.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,9 @@
from django.http import HttpRequest, HttpResponse, HttpResponseRedirect
from django.template.response import TemplateResponse
from django.urls import reverse
from django.utils.decorators import method_decorator
from django.views import View
from django.views.decorators.clickjacking import xframe_options_sameorigin
from googleapiclient.discovery import build

from authentik.enterprise.stages.authenticator_endpoint_gdtc.models import (
Expand All @@ -26,6 +28,7 @@
DEVICE_TRUST_VERIFIED_ACCESS = "VerifiedAccess"


@method_decorator(xframe_options_sameorigin, name="dispatch")
class GoogleChromeDeviceTrustConnector(View):
"""Google Chrome Device-trust connector based endpoint authenticator"""

Expand Down
1 change: 0 additions & 1 deletion authentik/root/settings.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,6 @@
SESSION_COOKIE_NAME = "authentik_session"
SESSION_COOKIE_DOMAIN = CONFIG.get("cookie_domain", None)
APPEND_SLASH = False
X_FRAME_OPTIONS = "SAMEORIGIN"

AUTHENTICATION_BACKENDS = [
"django.contrib.auth.backends.ModelBackend",
Expand Down

0 comments on commit 80441d2

Please sign in to comment.