According to Firebase Hosting docs, I should be able to set custom headers on responses received from the server. I am trying to set the X-Frame-Options header on all html files, but the server simply does not want to send this header! Here's my firebase.json file, please let me know if I am doing anything wrong:
{
"hosting": {
"public": "build",
"ignore": [
"firebase.json",
"**/.*",
"**/node_modules/**"
],
"headers": [
{
"source": "**/*.html",
"headers": [
{
"key": "X-Frame-Options",
"value": "SAMEORIGIN"
}
]
}
]
}
}
After lot of trial and error, I found the issue. All this while I was trying to load index.html using https://my-project.firebaseapp.com - this apparently does not trigger the header. I had to explicitly add /index.html at the end of the URL to make it work: https://my-project.firebaseapp.com/index.html. I should not have to do this, but that was the problem. So the question still remains - how do you get the firebase configuration to match an implied index.html.