From 14996a320b767d8322245c94695bfe06b61d21e3 Mon Sep 17 00:00:00 2001
From: gahusb <bgg8988@gmail.com>
Date: Fri, 3 Apr 2026 00:25:17 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20=EA=B4=80=EB=A6=AC=EC=9E=90=20=EB=AC=B8?=
 =?UTF-8?q?=EC=84=9C=20=EB=AF=B8=EB=A6=AC=EB=B3=B4=EA=B8=B0=20iframe=20X-F?=
 =?UTF-8?q?rame-Options=20=ED=97=88=EC=9A=A9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

/api/admin/documents/ 경로만 SAMEORIGIN으로 예외 처리하여
관리자 페이지에서 제안서/질문지 iframe 미리보기가 동작하도록 수정

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 next.config.ts | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/next.config.ts b/next.config.ts
index c4eeae7..c337f44 100644
--- a/next.config.ts
+++ b/next.config.ts
@@ -26,6 +26,14 @@ const nextConfig: NextConfig = {
           },
         ],
       },
+      // 관리자 문서 API: iframe 미리보기 허용 (동일 출처만)
+      {
+        source: "/api/admin/documents/:path*",
+        headers: [
+          { key: "Cache-Control", value: "no-store, max-age=0" },
+          { key: "X-Frame-Options", value: "SAMEORIGIN" },
+        ],
+      },
       // API 엔드포인트: 캐시 금지 + CORS 차단
       {
         source: "/api/:path*",