From 90c0e4e9ed7f44ec2530aa2df3ea5128e7f83636 Mon Sep 17 00:00:00 2001
From: ThatOneCalculator <kainoa@t1c.dev>
Date: Tue, 6 Jun 2023 21:00:16 -0700
Subject: [PATCH] allow iframes for notes

---
 packages/backend/src/server/api/endpoints/antennas/create.ts | 3 +--
 packages/backend/src/server/web/index.ts                     | 4 ++++
 rome.json                                                    | 2 +-
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/packages/backend/src/server/api/endpoints/antennas/create.ts b/packages/backend/src/server/api/endpoints/antennas/create.ts
index a25b32b40..f69501ae2 100644
--- a/packages/backend/src/server/api/endpoints/antennas/create.ts
+++ b/packages/backend/src/server/api/endpoints/antennas/create.ts
@@ -107,10 +107,9 @@ export default define(meta, paramDef, async (ps, user) => {
 		userId: user.id,
 	});
 	if (antennas.length > 5 && !user.isAdmin) {
-		throw new ApiError(meta.errors.tooManyAntennas)
+		throw new ApiError(meta.errors.tooManyAntennas);
 	}
 
-
 	if (ps.src === "list" && ps.userListId) {
 		userList = await UserLists.findOneBy({
 			id: ps.userListId,
diff --git a/packages/backend/src/server/web/index.ts b/packages/backend/src/server/web/index.ts
index 0d4034f55..c876635a3 100644
--- a/packages/backend/src/server/web/index.ts
+++ b/packages/backend/src/server/web/index.ts
@@ -422,6 +422,10 @@ router.get("/notes/:note", async (ctx, next) => {
 			});
 
 			ctx.set("Cache-Control", "public, max-age=15");
+			ctx.set(
+				"Content-Security-Policy",
+				"default-src 'self'; frame-ancestors '*'",
+			);
 
 			return;
 		}
diff --git a/rome.json b/rome.json
index 09db5f75e..37d738b55 100644
--- a/rome.json
+++ b/rome.json
@@ -13,7 +13,7 @@
 			"packages/*/package-lock.json",
 			"packages/backend/src/server/web/manifest.ts",
 			"packages/backend/built/",
-			"packages/backend/nsfw-model/",
+			"*/model.json",
 			"packages/client/src/emojilist.json",
 			"*.md",
 			"**/tsconfig.json",