x_frame_options deny causes wysiwyg editor "insert/edit image" upload to fail

[Joseph Mohan]

When setting:

X_FRAME_OPTIONS = 'DENY'

It blocks the image upload box in the wysiwyg editor.

From the django docs i can set a decorator to exempt a view but I'm struggling to work out where I could use this for mezzanine's blog?

Any ideas for a work around, and/or do you think the x-frame-option is entirely necessary?

[Matthew Summers]

On Tue, Jan 12, 2016 at 8:57 AM, Joseph Mohan <skru...@gmail.com> wrote:

Any ideas for a work around, and/or do you think the x-frame-option is entirely necessary?

I've always just used SAME_ORIGIN with Mezzanine for this reason.

[Matthew Summers]

On Wed, Jan 13, 2016 at 10:46 AM, Matthew Summers <msumm...@gmail.com> wrote:

I've always just used SAME_ORIGIN with Mezzanine for this reason.

SAME-ORIGIN rather.

--

M. Summers

"...there are no rules here -- we're trying to accomplish something."
  - Thomas A. Edison

[Joseph Mohan]

Makes 100% sense, Doh!

--
You received this message because you are subscribed to a topic in the Google Groups "Mezzanine Users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/mezzanine-users/iFsL0LrdZgo/unsubscribe.
To unsubscribe from this group and all its topics, send an email to mezzanine-use...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Matthew Summers]

On Wed, Jan 13, 2016 at 10:50 AM, Joseph Mohan <skru...@gmail.com> wrote:

Makes 100% sense, Doh!

Of course, I look at the actual thing that I deployed and it's SAMEORIGIN not SAME-ORIGIN or SAME_ORIGIN. Sorry for the noise.