mirror of
https://github.com/bunkerity/bunkerized-nginx
synced 2023-12-13 21:30:18 +01:00
remove ALLOWALL from X_FRAME_OPTIONS options
This commit is contained in:
parent
ba4c977550
commit
6e93575e16
1 changed files with 1 additions and 1 deletions
|
@ -836,7 +836,7 @@ You can customize the CRS (i.e. : add WordPress exclusions) by adding custom .co
|
|||
## Security headers
|
||||
|
||||
`X_FRAME_OPTIONS`
|
||||
Values : *DENY* | *SAMEORIGIN* | *ALLOW-FROM https://www.website.net* | *ALLOWALL*
|
||||
Values : *DENY* | *SAMEORIGIN* | *ALLOW-FROM https://www.website.net*
|
||||
Default value : *DENY*
|
||||
Context : *global*, *multisite*
|
||||
Policy to be used when the site is displayed through iframe. Can be used to mitigate clickjacking attacks.
|
||||
|
|
Loading…
Reference in a new issue