romanvm / django-tinymce4-lite

TinyMCE 4 editor widget for Django
MIT License

X-Frame-Options: “DENY” #60

Open gusarg81 opened 4 years ago

gusarg81 commented 4 years ago

Hi,

Today I've upgraded django-filebrowser (3.13.1), django-tinymce4-lite (1.8.0) and Django (to version 3.0) and when I try to open the filebrowser from tinymce, the browser (tested with Firefox and Chrome) denies it with this message.

Now, using filebrowser from Django admin this problem is not present.

EDIT1: tested only in development environment with DEBUG enabled, not in production for obvious reasons.

EDIT2: adding X_FRAME_OPTIONS = 'SAMEORIGIN' to settings.py solved the problem for now.

Any ideas, or what am I missing? Thanks.

romanvm commented 4 years ago

Your solution is correct. See here: https://docs.djangoproject.com/en/3.0/ref/settings/#x-frame-options

merwok commented 4 years ago

python manage.py check --deploy still raises a warning with SAMEORIGIN, which needs to be silenced in settings.py.

gusarg81 commented 4 years ago

> Your solution is correct. See here: https://docs.djangoproject.com/en/3.0/ref/settings/#x-frame-options

Yeah, Done that on Edit.

Now, besides this, why load the filebrowser in a frame? Why not, for example, use ajax if possible? (I didn't see the code, so I am just guessing here).

romanvm commented 4 years ago

> Now, besides this, why load the filebrowser in a frame? Why not, for example, use ajax if possible? (I didn't see the code, so I am just guessing here).

File management UI is provided by django-filebrowser-no-grappelli that is a separate package from another developer.
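A narrower alternative to the global X_FRAME_OPTIONS = 'SAMEORIGIN' setting from this thread, as an added example that is not code from django-tinymce4-lite or django-filebrowser: a small middleware that relaxes the header only for the filebrowser URLs, so the site-wide value stays 'DENY'. The URL prefix, the "myproject.middleware" module path and the header_for helper are assumptions for illustration.

```python
"""settings.py assumed by this sketch ("myproject.middleware" is hypothetical):

    X_FRAME_OPTIONS = "DENY"          # site-wide default stays strict
    MIDDLEWARE = [
        ...,
        "django.middleware.clickjacking.XFrameOptionsMiddleware",
        "myproject.middleware.FilebrowserFrameMiddleware",   # listed after it
    ]
"""
from types import SimpleNamespace

# Assumption: the prefix where filebrowser's URLs are mounted in urls.py.
FRAMEABLE_PREFIXES = ("/admin/filebrowser/",)


class FilebrowserFrameMiddleware:
    """Set SAMEORIGIN on filebrowser responses only.

    Responses pass through MIDDLEWARE bottom-up, so this class sees them
    before XFrameOptionsMiddleware, which leaves a response untouched when
    X-Frame-Options is already set. All other paths keep the DENY default.
    """

    def __init__(self, get_response, prefixes=FRAMEABLE_PREFIXES):
        self.get_response = get_response
        self.prefixes = tuple(prefixes)

    def __call__(self, request):
        response = self.get_response(request)
        if request.path.startswith(self.prefixes):
            response["X-Frame-Options"] = "SAMEORIGIN"
        return response


def header_for(path):
    """Offline check with constructed stand-ins for Django's objects."""
    def view(request):                 # stand-in view: empty header mapping
        return {}

    def stock_xframe(get_response):    # models XFrameOptionsMiddleware
        def middleware(request):
            response = get_response(request)
            response.setdefault("X-Frame-Options", "DENY")
            return response
        return middleware

    chain = stock_xframe(FilebrowserFrameMiddleware(view))
    return chain(SimpleNamespace(path=path))["X-Frame-Options"]
```

Because X_FRAME_OPTIONS itself remains 'DENY' in this arrangement, the setting that python manage.py check --deploy inspects is unchanged.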