Adding support for X-Frame-Options

Question

Closed this issue 7 months ago · 1 comments

Hello,

Is possible to add the following two configurations to allow different values for X-Frame-Options, other than SAMEORIGIN:

example:

WTF_CSRF_FRAME_OPTIONS = 'ALLOW-FROM'

and

WTF_CSRF_FRAME_OPTIONS_ALLOW_FROM = 'mydomain.site'

which will produce the following header:

'X-Frame-Options': 'ALLOW-FROM mydomain.site'

I've checked on documentation and previous issues but, unfortunately, I didn't find any way to do it.

Thank you

Answer 1 · 2024-05-16T15:04:11.000Z

closing this, that header is not set inside this library, I'm sorry for the confusion 😅