Giveth · kkatusic · Dec 3, 2024 · Oct 10, 2024 · Oct 15, 2024 · Oct 15, 2024
diff --git a/next.config.js b/next.config.js
@@ -163,6 +163,14 @@ const moduleExports = withBundleAnalyzer({
 						key: 'Access-Control-Allow-Headers',
 						value: 'X-Requested-With, content-type, Authorization',
 					},
+					{
+						key: 'X-Frame-Options',
+						value: 'SAMEORIGIN',
+					},
+					{
+						key: 'Content-Security-Policy',
+						value: "frame-ancestors 'self'",
+					},
 				],
 			},
 		];

diff --git a/src/components/views/verification/EmailVerificationIndex.tsx b/src/components/views/verification/EmailVerificationIndex.tsx
@@ -78,10 +78,20 @@ export default function EmailVerificationIndex() {
 }
 
 function Verified() {
+	const [querySlug, setQuerySlug] = useState<string | undefined>(undefined);
 	const router = useRouter();
 	const { slug } = router.query;
 	const { formatMessage } = useIntl();
 
+	// we must wait for the router to be ready to get the slug from the query
+	useEffect(() => {
+		if (router.isReady) {
+			if (typeof slug === 'string') {
+				setQuerySlug(slug);
+			}
+		}
+	}, [router.isReady, slug]);
+
 	return (
 		<>
 			<Image
@@ -99,7 +109,7 @@ function Verified() {
 				})}
 			</Lead>
 			<LinkHolder>
-				<Link href={slugToVerification(slug as string)}>
+				<Link href={slugToVerification(querySlug as string)}>
 					<ButtonLink
 						size='small'
 						label={