function modifyResponse(
res: Response,
) {
res.headers.set("X-Frame-Options", "DENY");
return new Response(
res.body,
res,
);
}
function modifyIframeResponse(
handler: (req: Request) => Response | Promise<Response>,
): (req: Request) => Promise<Response> {
return async (req: Request): Promise<Response> => {
if (req.headers.get("referer") == "https://www.val.town/") {
return new Response(
`This val isn't available in iframes! <a href="/" target="blank_">Open in a new tab.</a>`,
{
status: 400,
headers: {
"Content-type": "text/html",
},
},
);
}
const res = await handler(req);
return modifyResponse(res);
};
}
export default modifyIframeResponse;