You are here

http_response_headers.response_header.x_frame_options.yml in HTTP Response Headers 8.2

config/optional/http_response_headers.response_header.x_frame_options.yml

File

config/optional/http_response_headers.response_header.x_frame_options.yml
View source
  1. langcode: en
  2. status: true
  3. dependencies: { }
  4. id: x_frame_options
  5. label: X-Frame-Options
  6. description: 'Clickjacking protection. Valid values include <em>DENY</em> meaning your site can''t be framed, <em>SAMEORIGIN</em> which allows you to frame your own site or <em>ALLOW-FROM https://example.com/</em> which lets you specify sites that are permitted to frame'
  7. group: Security
  8. name: X-Frame-Options
  9. value: SAMEORIGIN