Can't setup X-Frame-Options (?)

google / gae-secure-scaffold-python3

Secure scaffold for Google App Engine static and dynamic Python websites

Apache License 2.0

31 stars 16 forks source link

Can't setup X-Frame-Options (?) #6

Closed bgirschig closed 1 year ago

bgirschig commented 2 years ago

Hi!

It looks like it's not possible to customize the value of the X-Frame-Options header. The get_talisman_config() function seems to only pick up a selection of settings, which does not include the frame-options one.

I need this because I'm building component that will be embedded in a website on another domain, in an iframe.

Am I missing something ?

davidwtbuxton commented 2 years ago

Set options on the view https://github.com/GoogleCloudPlatform/flask-talisman#per-view-options

Or set options on the app.talisman instance https://github.com/google/gae-secure-scaffold-python3/blob/2c970362e34dc59d922f3b634a23194973f29d9b/src/securescaffold/factory.py#L68