X-Frame-Options sameorigin case #25

darscan opened this Issue Jun 1, 2012 · 2 comments


None yet
2 participants

darscan commented Jun 1, 2012

As far as I can tell the only valid values are DENY and SAMEORIGIN (uppercase).

http://redbot.org/ reports that sameorigin (lowercase) is an unknown X-Frame-Options value.


rkh commented Jun 1, 2012

Well, the browsers support sameorigin, but we can change it.

darscan commented Jun 1, 2012

It would be nice to get rid of that warning, but I'd say the priority is ultra-uber-low

@rkh rkh closed this in cdebda5 Dec 10, 2012

zzak pushed a commit that referenced this issue Aug 12, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment