Closed mauritsvanrees closed 8 years ago
We also need a way to disable the X-Frame-Options header so sites can opt in to being iframeable.
Should we just advise to remove the X-Frame-Options header at the proxy server instead?
We can easily do this in plone.protect:
if X_FRAME_OPTIONS:
self.request.response.setHeader('X-Frame-Options', X_FRAME_OPTIONS)
sure, that's fine too. Just saying it might be easier for people to add a proxy config than change a process start script.
Pull request updated. New Jenkins: http://jenkins.plone.org/job/pull-request-5.0/448/
For me it is easier to change to process startup script than to add a proxy config. ;-)
The first Jenkins job has passed, but let's wait for the new one to finish.
Second Jenkins passes too. All green.
http://jenkins.plone.org/job/pull-request-5.0/447/