From a59ca530251f033c55655f6c258b35650ff06740 Mon Sep 17 00:00:00 2001
From: Alex Justesen <alexjustesen@users.noreply.github.com>
Date: Sun, 12 Nov 2023 08:15:56 -0500
Subject: [PATCH] [Bug] Don't return SAMEORIGIN twice (Hotfix Release v0.13.3)
 (#904)

---
 app/Http/Middleware/FrameAllowOptions.php | 4 +++-
 config/speedtest.php                      | 6 +++---
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/app/Http/Middleware/FrameAllowOptions.php b/app/Http/Middleware/FrameAllowOptions.php
index 2bf02ad20..a6dfb9468 100644
--- a/app/Http/Middleware/FrameAllowOptions.php
+++ b/app/Http/Middleware/FrameAllowOptions.php
@@ -17,7 +17,9 @@ public function handle(Request $request, Closure $next): Response
     {
         $response = $next($request);
 
-        $response->header('X-Frame-Options', 'ALLOW-FROM '.config('speedtest.allow_embeds'));
+        if (! blank(config('speedtest.allow_embeds'))) {
+            $response->header('X-Frame-Options', 'ALLOW-FROM '.config('speedtest.allow_embeds'));
+        }
 
         return $response;
     }
diff --git a/config/speedtest.php b/config/speedtest.php
index f8e981636..8a78fb8b0 100644
--- a/config/speedtest.php
+++ b/config/speedtest.php
@@ -6,9 +6,9 @@
     /**
      * Build information
      */
-    'build_date' => Carbon::parse('2023-11-11'),
+    'build_date' => Carbon::parse('2023-11-12'),
 
-    'build_version' => '0.13.2',
+    'build_version' => '0.13.3',
 
     /**
      * General
@@ -27,5 +27,5 @@
     /**
      * Security
      */
-    'allow_embeds' => env('ALLOW_EMBEDS', 'SAMEORIGIN'),
+    'allow_embeds' => env('ALLOW_EMBEDS', null),
 ];