Closed mhbates closed 4 years ago
Since Nextcloud 17, the X-Frame-Options
header isn't set by Nextcloud anymore. So it is now set by nginx (in the config file). But for Nextcloud 15 and 16 it is now set twice, which is not permitted.
So we need to remove the header for the old versions. I'll try to fix it by the end of the week.
Great, thanks for the quick response.
It should be fixed now. Please verify if it solves the problem.
That fixed it, thanks again.
Strangely, I'm now getting an error about X-Frame-Options after the addition of that setting to the image. I updated my container this morning.
The error is:
The "X-Frame-Options" HTTP header is not set to "SAMEORIGIN". This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.