The 10up Experience plugin configures WordPress to better protect and inform clients, aligned to 10up’s best practices.
GNU General Public License v2.0
130
stars
27
forks
source link
Feature/filter enable x frame options #85
Closed
jamesmorrison closed 3 years ago
Description of the Change
According to Mozilla, X-Frame-Options only has 2 valid values:
SAMEORIGIN
- Only allow an iframe to be used on the same domainDENY
- Do not allow any embedded iframeThe existing filter only allows for this to be changed from (default)
SAMEORIGIN
toDENY
Benefits
There is an option to filter
wp_headers
to remove this header, if present; this additional filter allows setting the header to be bypassed entirely.Possible Drawbacks
None
Verification Process
add_filter( 'tenup_experience_disable_x_frame_options', true )
- result is the header is not set.Checklist:
Changelog Entry
Added: filter
tenup_experience_disable_x_frame_options
to allow omission of the X-Frame-Options header.