X-Frame-Options is being deprecated in Firefox in favor of Content Security
Policy.
http://www.w3.org/TR/CSP
Which is standard candidate. We should migrate to it and leave the old
X-Frame-Options as fallback for older browsers. E.g.
header('Content-Security-Policy', "default-src * 'self' 'unsafe-inline'
'unsafe-eval'; frame-src 'self'");
Original issue reported on code.google.com by jukka.m.svahn on 9 Dec 2013 at 12:17
Original issue reported on code.google.com by
jukka.m.svahn
on 9 Dec 2013 at 12:17