From 511cf518bb74a808732a0a927240ece6c195f491 Mon Sep 17 00:00:00 2001
From: "carlo.ballabio" <carlo.ballabio@intre.it>
Date: Fri, 8 May 2026 18:38:20 +0200
Subject: [PATCH] fix: set allowIframes=true in config response

KeeWeb 1.18.x disables iframe embedding by default (allowIframes: false).
This plugin embeds KeeWeb in an iframe, so the setting must be explicitly
enabled via the config endpoint, otherwise KeeWeb refuses to load.
---
 keeweb/lib/Controller/PageController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/keeweb/lib/Controller/PageController.php b/keeweb/lib/Controller/PageController.php
index aa1bd5a..c7673ac 100644
--- a/keeweb/lib/Controller/PageController.php
+++ b/keeweb/lib/Controller/PageController.php
@@ -77,7 +77,7 @@ public function manifest(): TemplateResponse {
 	public function config(?string $file = null): JSONResponse {
 		$csrfToken = $this->csrfTokenManager->getToken()->getEncryptedValue();
 		$webdavBase = Util::linkToRemote('webdav');
-		$config = ['settings' => (object) null];
+		$config = ['settings' => ['allowIframes' => true]];
 		if ($file !== null) {
 			$config['files'] = [
 				[