SecurityConfig

Example
Properties

API Reference / modelence / server / SecurityConfig

SecurityConfig = object

Defined in: packages/modelence/src/app/securityConfig.ts:20 Security configuration for the application By default, the app is protected against clickjacking by setting Content-Security-Policy: frame-ancestors 'self' and X-Frame-Options: SAMEORIGIN on all responses, preventing the app from being embedded in iframes on other domains.

Example

import { startApp } from 'modelence/server';

// Allow embedding in iframes on specific domains
startApp({
  security: {
    frameAncestors: ['https://modelence.com', 'https://app.example.com'],
  },
});

Properties

Property	Type	Description	Defined in
`frameAncestors?`	`string`[]	Additional origins allowed to embed this app in an iframe. The app’s own origin (`'self'`) is always included automatically. When not set, only same-origin framing is allowed. When set, `X-Frame-Options` is omitted since it cannot express multiple origins.	packages/modelence/src/app/securityConfig.ts:28

⌘I

Overview

Core

Authentication

Database

Config

Rate Limits

Email

Example

Properties

Overview

Core

Authentication

Database

Config

Rate Limits

Email

​Example

​Properties

Example

Properties