Question about Django X_FRAME_OPTIONS setting
124 views
Skip to first unread message
Chen Xu
Jan 7, 2014, 11:48:52 AM1/7/14
to django...@googlegroups.com
Hi
I have a question about Django X_FRAME_OPTIONS setting, I am wondering how to set X_FRAME_OPTIONS to allow from, and how to specify a list of hosts that are able to display my page in their frames?
Thanks in advance
⚡ Chen Xu ⚡
ernando
Jan 8, 2014, 3:41:04 PM1/8/14
to django...@googlegroups.com
Hi Chen,
Do you really need to set it via Django? Usually it's done via web-server (nginx/apache/etc)
What about Django - I think you can use HttpResponse object and update header in default way:
- Dmitry
Do you really need to set it via Django? Usually it's done via web-server (nginx/apache/etc)
What about Django - I think you can use HttpResponse object and update header in default way:
response['X_FRAME_OPTIONS'] = "value"
See additional examples here: https://docs.djangoproject.com/en/dev/ref/request-response/#setting-header-fields- Dmitry
Chen Xu
Jan 9, 2014, 2:53:53 AM1/9/14
to django...@googlegroups.com
Ah thanks, good point. There are different ways of doing it, I am just wondering if Django itself have ALLOW_FROM as a valid value since it has deny and sameorigin.
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To post to this group, send email to django...@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/3c00bc6a-f82c-4a24-ade4-77484e7d91fd%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
⚡ Chen Xu ⚡
Reply all
Reply to author
Forward
0 new messages