From 7bb15e7b70cb8a9dd78ceb4b46c439395a8a4845 Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Tue, 16 Apr 2019 10:47:26 +0200
Subject: [PATCH] evocheck : add "x-frame-options: sameorigin" for Munin

---
 CHANGELOG.md                             | 2 +-
 nginx/templates/evolinux-default.conf.j2 | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6dfb6239..43019df5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,7 +11,7 @@ The **patch** part changes incrementally at each release.
 ## [Unreleased]
 
 ### Added
-
+* evocheck : add "x-frame-options: sameorigin" for Munin
 * etc-git: ignore evobackup/.keep-* files
 
 ### Changed
diff --git a/nginx/templates/evolinux-default.conf.j2 b/nginx/templates/evolinux-default.conf.j2
index eeffa686..5662ba51 100644
--- a/nginx/templates/evolinux-default.conf.j2
+++ b/nginx/templates/evolinux-default.conf.j2
@@ -35,6 +35,7 @@ server {
 
     location /munin/ {
         alias   /var/cache/munin/www/;
+        add_header X-Frame-Options "SAMEORIGIN";
     }
 
     location ^~ /munin-cgi/munin-cgi-graph/ {