remove ALLOWALL from X_FRAME_OPTIONS options

2021-03-11 14:41:23 +01:00 · 2021-03-11 14:41:23 +01:00 · 6e93575e16
parent ba4c977550
commit 6e93575e16
1 changed files with 1 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -836,7 +836,7 @@ You can customize the CRS (i.e. : add WordPress exclusions) by adding custom .co
 ## Security headers

 `X_FRAME_OPTIONS`  
-Values : *DENY* | *SAMEORIGIN* | *ALLOW-FROM https://www.website.net* | *ALLOWALL*  
+Values : *DENY* | *SAMEORIGIN* | *ALLOW-FROM https://www.website.net*
 Default value : *DENY*  
 Context : *global*, *multisite*  
 Policy to be used when the site is displayed through iframe. Can be used to mitigate clickjacking attacks.