fix: set CSP `frame-src` to `'none'`

commit: 7a78a2543e89c50bc0d839c9a7b31c52befd193f [log] [tgz]
author: plainheart <yhen@all-my-life.cn> Sun May 01 18:00:06 2022 +0800
committer: plainheart <yhen@all-my-life.cn> Sun May 01 18:00:22 2022 +0800
tree: 91337a7a061e2ac293e4a2a77bcc57743b542b34
parent: 27aa32c7716b9ba089f666ba68380054917f6541 [diff]
diff --git a/src/editor/sandbox/index.js b/src/editor/sandbox/index.js
index 1574953..b237a60 100644
--- a/src/editor/sandbox/index.js
+++ b/src/editor/sandbox/index.js

@@ -68,7 +68,7 @@
         'npm.elemecdn.com'
       ].map((domain) => 'https://' + domain)
     ),
-    'frame-src': [`'self'`, 'https://*.apache.org'],
+    'frame-src': [`'none'`],
     'object-src': [`'none'`],
     'navigate-to': [`'none'`],
     'worker-src': [`'none'`]
commit	7a78a2543e89c50bc0d839c9a7b31c52befd193f	[log] [tgz]
author	plainheart <yhen@all-my-life.cn>	Sun May 01 18:00:06 2022 +0800
committer	plainheart <yhen@all-my-life.cn>	Sun May 01 18:00:22 2022 +0800
tree	91337a7a061e2ac293e4a2a77bcc57743b542b34
parent	27aa32c7716b9ba089f666ba68380054917f6541 [diff]