ghost-docker

d0zingcat/ghost-docker

Fork 0

mirror of https://github.com/d0zingcat/ghost-docker.git synced 2026-05-13 23:16:44 +00:00

Commit Graph

Author	SHA1	Message	Date
Chris Raible	fb6040fd0c	Fixed "View site" and post previews in Ghost Admin (#60 ) * Fixed "View site" and post previews in Ghost Admin ref https://linear.app/ghost/issue/ONC-1097/preview-post-does-not-work-on-separate-ghostadmin-domains ref https://linear.app/ghost/issue/ONC-1090/oss-issue-previewing-site-from-subdomain-admin-panel-results-in In Ghost Admin, the frontend of the site is loaded in an iframe in a few places: - The "View site" tab on the sidebar - In post previews Using the default docker setup in this repository, these iframes fail to load because of the `X-Frame-Options DENY` header that is added by Caddy. This fixes the problem by replacing `X-Frame-Options DENY` with a Content Security Policy that allows the site to be embedded in an iframe on the site's domain itself and on the admin domain, if configured. * Update SecurityHeaders Spaces -> Tabs --------- Co-authored-by: James Loh <git@jloh.co>	2025-08-18 12:13:11 -07:00
James Loh	ceac2ed1c2	Caddy: Add option to have a separate Admin domain - Our setup docs recommend having Ghost Admin on a separate domain from the content domain - This lets users optionally set this up if they want whilst continuing to align Admin <-> content domain through templates	2025-07-15 21:22:33 +10:00
James Loh	8d0d565df9	Caddy: Move to more templated approach no ref - The goal here is to be able to provide more functionality to self-hosters through snippets and other segmented config - Some customers run Admin <-> content domains on separate ones which our current config doesn't support - Our current config also hardcodes a www redirect which complicates setups when you don't have that domain setup or don't even want it - Moving to a default template customers will have to copy which includes snippets allows us to update these later on without breaking peoples setups	2025-07-15 15:44:28 +10:00

Author

SHA1

Message

Date

Chris Raible

fb6040fd0c

Fixed "View site" and post previews in Ghost Admin (#60 )

* Fixed "View site" and post previews in Ghost Admin

ref https://linear.app/ghost/issue/ONC-1097/preview-post-does-not-work-on-separate-ghostadmin-domains
ref https://linear.app/ghost/issue/ONC-1090/oss-issue-previewing-site-from-subdomain-admin-panel-results-in

In Ghost Admin, the frontend of the site is loaded in an iframe in a few places:
- The "View site" tab on the sidebar
- In post previews

Using the default docker setup in this repository, these iframes fail to load because of the `X-Frame-Options DENY` header that is added by Caddy. This fixes the problem by replacing `X-Frame-Options DENY` with a Content Security Policy that allows the site to be embedded in an iframe on the site's domain itself and on the admin domain, if configured.

* Update SecurityHeaders

Spaces -> Tabs

---------

Co-authored-by: James Loh <git@jloh.co>

2025-08-18 12:13:11 -07:00

James Loh

ceac2ed1c2

Caddy: Add option to have a separate Admin domain

- Our setup docs recommend having Ghost Admin on a separate domain from the content domain
- This lets users optionally set this up if they want whilst continuing to align Admin <-> content domain through templates

2025-07-15 21:22:33 +10:00

James Loh

8d0d565df9

Caddy: Move to more templated approach

no ref

- The goal here is to be able to provide more functionality to self-hosters through snippets and other segmented config
- Some customers run Admin <-> content domains on separate ones which our current config doesn't support
- Our current config also hardcodes a www redirect which complicates setups when you don't have that domain setup or don't even want it
- Moving to a default template customers will have to copy which includes snippets allows us to update these later on without breaking peoples setups

2025-07-15 15:44:28 +10:00

3 Commits