From 5db511afdfb904f70de6007823a10dde8c314d5d Mon Sep 17 00:00:00 2001
From: shamoon <4887959+shamoon@users.noreply.github.com>
Date: Mon, 24 Mar 2025 07:28:27 -0700
Subject: [PATCH] Fix: revert removed x-frame-options header in non-debug

---
 src/paperless/settings.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/paperless/settings.py b/src/paperless/settings.py
index a4b27ae28..b161d7016 100644
--- a/src/paperless/settings.py
+++ b/src/paperless/settings.py
@@ -549,6 +549,9 @@ def _parse_remote_user_settings() -> str:
 
 HTTP_REMOTE_USER_HEADER_NAME = _parse_remote_user_settings()
 
+# X-Frame options for embedded PDF display:
+X_FRAME_OPTIONS = "SAMEORIGIN"
+
 # The next 3 settings can also be set using just PAPERLESS_URL
 CSRF_TRUSTED_ORIGINS = __get_list("PAPERLESS_CSRF_TRUSTED_ORIGINS")