X-Frame-Options: ALLOW-FROM?

rtuser3 · May 5, 2017, 6:22pm

Hi,

Is it possible to set x-frame-options to allow-from? I want to prevent clickjacking, but would like to embed in an iframe in my intranet site.

Thanks

Anton_Smirnov · May 18, 2017, 8:30am

lib/RT/Interface/Web/Handler.pm
Change
Plack::Util::header_set($res->[1], ‘X-Frame-Options’ => ‘DENY’);