Update next.config.mjs

Replace `X-FRAME-OPTIONS` with a CSP Frame Ancestors Policy!

Author: CodeMeAPixel

next.config.mjs

@@ -86,10 +86,6 @@ const securityHeaders = [
         key: 'X-Content-Type-Options',
         value: 'nosniff'
     },
-    {
-        key: 'X-Frame-Options',
-        value: 'DENY'
-    },
     {
         key: 'X-XSS-Protection',
         value: '1; mode=block'
@@ -102,4 +98,8 @@ const securityHeaders = [
         key: 'Referrer-Policy',
         value: 'origin-when-cross-origin'
     },
+    {
+         key: 'Content-Security-Policy',
+        value: "frame-ancestors 'self' https://tawk.to https://toxicdev.me;"
+    }
 ]