You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
By default X-Frame-Options is set to DENY in spring security. But we need it to be set to SAMEORIGIN for the file downloading support.
As for now this setting is hardcoded in JmixCoreSecurityConfiguration and StandardSecurityConfiguration. But if clients want to provide their own security configuration, they should add this setting as well.
So it would be better to think about more generic approach.
The text was updated successfully, but these errors were encountered:
By default
X-Frame-Options
is set toDENY
in spring security. But we need it to be set toSAMEORIGIN
for the file downloading support.As for now this setting is hardcoded in
JmixCoreSecurityConfiguration
andStandardSecurityConfiguration
. But if clients want to provide their own security configuration, they should add this setting as well.So it would be better to think about more generic approach.
The text was updated successfully, but these errors were encountered: