Fix checks to match with core handling for allowframeemedding

lib/weblib.php:2285 states that it only passes the 'X-Frame-Options: sameorigin' setting if embedding is disabled AND if the user is not loading the page from the app.
h5p · Aug 19, 2021 · da394f4 · da394f4
1 parent 326284c
commit da394f4
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/classes/output/mobile.php b/classes/output/mobile.php
@@ -27,7 +27,7 @@ public static function mobile_course_view($args) {
         global $DB, $CFG, $OUTPUT, $USER;
 
         $cmid = $args['cmid'];
-        if (!$CFG->allowframembedding) {
+        if (empty($CFG->allowframembedding) && !core_useragent::is_moodle_app()) {
             $context = \context_system::instance();
             if (has_capability('moodle/site:config', $context)) {
                 $template = 'mod_hvp/iframe_embedding_disabled';