Closed natf17 closed 4 years ago
To load in an iFrame as an embedded app, the "X-Frame-Options" header cannot be "Deny". When tested on a Spring web app, adding the following in WebSecurityConfigurerAdapter fixes the issue:
"X-Frame-Options"
"Deny"
WebSecurityConfigurerAdapter
headers() .frameOptions() .disable()
See 1181a3118e9ebdb72abf75905e38a4bd7eae6da0
To load in an iFrame as an embedded app, the
"X-Frame-Options"
header cannot be"Deny"
. When tested on a Spring web app, adding the following inWebSecurityConfigurerAdapter
fixes the issue: