You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am completely new to web development so perhaps there is some other way to solve this issue.
I have two routes
"/" which contains an iframe pointing to the other route:
"/form".
When loading this in my browser I am told that the "/form" content cannot be viewed. This is due to it having "X-Frame-Options: DENY".
I have tried, in the response r of the "/form" route to Dream.set_header r "X-Frame-Options" "SAMEORIGIN" but this results in two X-Frame-Options being sent, one with SAMEORIGIN and one with DENY.
Is there some way to solving this issue?
Thanks for a cool library!
The text was updated successfully, but these errors were encountered:
In my recollection, Dream doesn't set X-Frame-Options by default. We had issues about that and some other headers (#48, #49), but I decided that it's best to document how to use X-Frame-Options and let the developer make the choice to use it or not, since these techniques are highly situational, incomplete, interfere with development, and the risks are also handled by other means. This resulted in the example w-content-security-policy.
I just checked by running the example 2-middleware, and the only headers it sets by default are
Hi.
I am completely new to web development so perhaps there is some other way to solve this issue.
I have two routes
When loading this in my browser I am told that the "/form" content cannot be viewed. This is due to it having "X-Frame-Options: DENY".
I have tried, in the response
r
of the "/form" route toDream.set_header r "X-Frame-Options" "SAMEORIGIN"
but this results in twoX-Frame-Options
being sent, one withSAMEORIGIN
and one withDENY
.Is there some way to solving this issue?
Thanks for a cool library!
The text was updated successfully, but these errors were encountered: