jazzband / django-tinymce

TinyMCE integration for Django
http://django-tinymce.readthedocs.org/
MIT License

How to properly integrate with `django-filebrowser` ? #354

Open lugishr opened 3 years ago

lugishr commented 3 years ago

Hello, thank you for creating this package, I really like it. It's really easy to install and make it work.

What I kindly ask you is to help me with the issue I have regarding integration with django-filebrowser.

I followed your documentation and did the installation and configuration as described. But I'm getting the error `127.0.0.1 refused to connect.` (or `mydomain.com refused to connect.` in the production environment).

Here is what I do, step by step: I click the Insert/Edit Image button, then in the Insert/Edit Image window I click Source. Then the Django Filebrowser window opens with the error `127.0.0.1 refused to connect.` or `mydomain.com refused to connect.`

django-filebrowser is working fine - I can upload files, create folders, etc...

What I just noticed is that even if I delete `TINYMCE_FILEBROWSER = True` from my `settings.py`, I still have the same issue!!!

So it seems something is still missing...

I'm using Django 3.1.7, django-tinymce 3.3.0, django-filebrowser 3.14.1, django-grappelli 2.15.1. (I also tested with Django 3.2, on both a development Windows PC and a production Ubuntu server.)

ehamamrah commented 3 years ago

@lugishr If you inspect the issue through the Chrome console or a similar tool, you will find that it's rejected because `X-Frame-Options` is `DENY`.

After looking into clickjacking protection in Django documentation I figured this:

> By default, the middleware will set the `X-Frame-Options` header to `DENY` for every outgoing `HttpResponse`. If you want any other value for this header instead, set the `X_FRAME_OPTIONS` setting:
>
> ```python
> X_FRAME_OPTIONS = 'SAMEORIGIN'
> ```

For more details: https://docs.djangoproject.com/en/3.2/ref/clickjacking/
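
Why the file browser popup is refused under `DENY` and loads under `SAMEORIGIN`, as an added example that is not part of the original thread or of django-tinymce: a simplified Python model of the browser-side `X-Frame-Options` check. It ignores CSP `frame-ancestors` (which takes precedence when present), and the URLs and the names `origin`, `frame_allowed`, `ADMIN_PAGE` and `FILEBROWSER_POPUP` are constructed for illustration.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

# Constructed sample URLs: an admin edit page that embeds the file browser in a frame.
ADMIN_PAGE = "http://127.0.0.1:8000/admin/blog/post/1/change/"
FILEBROWSER_POPUP = "http://127.0.0.1:8000/admin/filebrowser/browse/"


def origin(url):
    """Return the (scheme, host, port) origin tuple of an http(s) URL."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    return (scheme, host, parts.port or DEFAULT_PORTS.get(scheme))


def frame_allowed(xfo_header, framed_url, ancestor_urls):
    """Simplified model: may framed_url render inside the given ancestors?

    xfo_header    raw X-Frame-Options value of the framed response, or None
    ancestor_urls URLs of every page the frame is nested in
    """
    if xfo_header is None:
        return True
    values = {v.strip().lower() for v in xfo_header.split(",") if v.strip()}
    known = values & {"deny", "sameorigin", "allowall"}
    if len(values) > 1:
        # Conflicting recognised values block the frame; all-unknown values are ignored.
        return not known
    if "deny" in values:
        return False
    if "sameorigin" in values:
        # Every ancestor must share scheme, host and port with the framed page.
        target = origin(framed_url)
        return all(origin(a) == target for a in ancestor_urls)
    return True  # unrecognised single value (e.g. obsolete ALLOW-FROM) is ignored


if __name__ == "__main__":
    for header in ("DENY", "SAMEORIGIN"):
        print(header, frame_allowed(header, FILEBROWSER_POPUP, [ADMIN_PAGE]))
```

With `SAMEORIGIN`, a page on any other origin still cannot frame the site, and `localhost` and `127.0.0.1` count as different origins, so the admin page and the popup must be served from the same host name.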