Forum
X-Frame-Options not working
Fred
18 November 2016, 11:37
Hi hugo,
I just installed owncloud on our server and I get the following error message:
I don't understand why as I have the following in my config file:
Could you please tell me if I have missed / misconfigured something?
Thank you
I just installed owncloud on our server and I get the following error message:
The "X-Frame-Options" HTTP header is not configured to equal to "SAMEORIGIN". This is a potential security or privacy risk and we recommend adjusting this setting.
I don't understand why as I have the following in my config file:
VirtualHost {
...
CustomHeader = X-Frame-Options: sameorigin
CustomHeader = Vary: Accept-Encoding
...
Could you please tell me if I have missed / misconfigured something?
Thank you
Hugo Leisink
18 November 2016, 21:34
I don't know how and why ownCloud sends that message, but if the header is in the output, ignore the error message.
Fred
19 November 2016, 02:11
Hi Hugo,
How do check if the header is in the output? Are you talking about view source on the page or something else?
Fred
How do check if the header is in the output? Are you talking about view source on the page or something else?
Fred
Hugo Leisink
21 November 2016, 20:21
You can use telnet (or 'openssl s_client' for HTTPS) and send HTTP requests manually. You can also use the WebDeveloper or Firebug plugin for Firefox. Lots of ways to do it.
This topic has been closed.
Copyright © by Hugo Leisink. All rights reserved.
Built upon the Banshee PHP framework.
Built upon the Banshee PHP framework.
