1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
function modifyResponse(
res: Response,
) {
res.headers.set("X-Frame-Options", "DENY");
return new Response(
res.body,
res,
);
}
function modifyIframeResponse(
handler: (req: Request) => Response | Promise<Response>,
): (req: Request) => Promise<Response> {
return async (req: Request): Promise<Response> => {
if (req.headers.get("referer") == "https://www.val.town/") {
return new Response(
`This val isn't available in iframes! <a href="/" target="blank_">Open in a new tab.</a>`,
{
status: 400,
headers: {
"Content-type": "text/html",
},
},
);
}
const res = await handler(req);
return modifyResponse(res);
};
}
export default modifyIframeResponse;