From ff29ab834b46d192eecf918df728ceb77b4f6099 Mon Sep 17 00:00:00 2001
From: Max Peintner <peintnerm@gmail.com>
Date: Fri, 27 Jun 2025 11:15:51 +0200
Subject: [PATCH] middleware change

---
 apps/login/src/middleware.ts | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/apps/login/src/middleware.ts b/apps/login/src/middleware.ts
index a1e630a823..0c157bc03a 100644
--- a/apps/login/src/middleware.ts
+++ b/apps/login/src/middleware.ts
@@ -56,18 +56,16 @@ export async function middleware(request: NextRequest) {
     securitySettings = await loadSecuritySettings(request);
 
     if (securitySettings?.embeddedIframe?.enabled) {
-      const responseHeaders = new Headers();
+      const response = NextResponse.next({
+        request: { headers: requestHeaders },
+      });
 
-      responseHeaders.set(
+      response.headers.set(
         "Content-Security-Policy",
         `${DEFAULT_CSP} frame-ancestors ${securitySettings.embeddedIframe.allowedOrigins.join(" ")};`,
       );
-      responseHeaders.delete("X-Frame-Options");
-
-      return NextResponse.next({
-        request: { headers: requestHeaders },
-        headers: responseHeaders,
-      });
+      response.headers.delete("X-Frame-Options");
+      return response;
     }
   }