fix: intercept on incoming requests to disable x-frame-options

src/electron/electron/core.cljs

@@ -15,7 +15,8 @@
             ["electron-window-state" :as windowStateKeeper]
             [clojure.core.async :as async]
             [electron.state :as state]
-            [electron.git :as git]))
+            [electron.git :as git]
+            ["/electron/utils" :as utils]))
 
 (defonce LSP_SCHEME "lsp")
 (defonce LSP_PROTOCOL (str LSP_SCHEME "://"))
@@ -295,6 +296,8 @@
                    *quitting? (atom false)]
                (.. logger (info (str "Logseq App(" (.getVersion app) ") Starting... ")))
 
+               (utils/disableXFrameOptions win)
+
                (when (search/version-changed?)
                  (search/rm-search-dir!))
 

src/electron/electron/utils.js

@@ -0,0 +1,18 @@
+// workaround from https://github.com/electron/electron/issues/426#issuecomment-658901422
+// We set an intercept on incoming requests to disable x-frame-options
+// headers.
+
+export const disableXFrameOptions = (win) => {
+  win.webContents.session.webRequest.onHeadersReceived({ urls: [ "*://*/*" ] },
+                                                       (d, c)=>{
+                                                         if(d.responseHeaders['X-Frame-Options']){
+                                                           delete d.responseHeaders['X-Frame-Options'];
+                                                         } else if(d.responseHeaders['x-frame-options']) {
+                                                           delete d.responseHeaders['x-frame-options'];
+                                                         }
+
+                                                         c({cancel: false, responseHeaders: d.responseHeaders});
+                                                       }
+                                                      );
+
+};