In some cases someone might want to include bitwarden into another website by iframe.
While there are a lot of cases where this idea is insanely stupid, it might be interesting in cases where a secure intranet website is used such as next-cloud.
This is not a problem in itself, but currently the code doesn't allow ANY iframe except from itself and the chrome extention.
In some cases someone might want to include bitwarden into another website by iframe. While there are a lot of cases where this idea is insanely stupid, it might be interesting in cases where a secure intranet website is used such as next-cloud.
This is not a problem in itself, but currently the code doesn't allow ANY iframe except from itself and the chrome extention.
https://github.com/dani-garcia/bitwarden_rs/blob/d212dfe735e59128667a4c579e52ce7e86b53a94/src/util.rs#L26
I suggest keeping the current setting, but adding a variable that grabs any additional options in a config options or env. variable.
It should be relatively easy to do but increase the useability considerably.