X-Frame SAMEORIGIN

dmfranko
Kilo Guru

Hello,

Is there any way in ServiceNow to add trusted origins, as opposed to opening things up to all origins below? What I'd like to do is embed UI Pages from ServiceNow in a Drupal site.

Thanks!

glide.set_x_frame_options: Enable this property to set the X-Frame-Options response header to SAMEORIGIN for all UI pages. The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame> or <iframe>. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites. https://developer.mozilla.org/en/the_x-frame-options_response_header

Default: Yes

7 REPLIES

Sumeet Verma
Mega Expert

Hi All,

I'm facing the same issue.

How do I fix it? I went through the links provided above but could get hold on the fix through that.

Can someone please suggest steps to fix this issue? Thanks...

Hi Sumeet,

Please find my comment above. As far as I know, in ServiceNow it's just an on/off for all sites.

There is no possibility to whitelist just several sites.

If you need it, please raise an enhancement request on Hi. ServiceNow Development needs those requests in order to decide to build the feature or not.

Regards

Roger

Girish Katti
Giga Contributor

Can anyone confirm if the "X-Frame-Options: allow-from https://example.com/" whitelisting option is available in the New York instance?

If yes, can anyone share the steps on how to get the options set for glide.set_x_frame_options?
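
Added example (not part of the thread and not ServiceNow code): a simplified model of how a browser evaluates the X-Frame-Options values discussed above, showing why SAMEORIGIN blocks a UI Page embedded from another site and why ALLOW-FROM, which current browsers ignore, does not act as a per-origin allow-list. All origins are constructed placeholders, the function names are hypothetical, and only the top-level parent page is modelled.

```javascript
// Constructed placeholder origins (assumptions, not values from the thread).
const UI_PAGE = "https://instance.example/ui_page.do";
const DRUPAL_SITE = "https://drupal.example/node/1";
const OTHER_SITE = "https://other.example/";

// Origin = scheme + host + port, which is what SAMEORIGIN compares.
function originOf(url) {
  return new URL(url).origin;
}

// headerValue: raw X-Frame-Options value, or null when the header is absent.
// pageUrl: the framed page; parentUrl: the page that contains the <iframe>.
// allowFromSupported: whether the browser honours ALLOW-FROM
// (current browsers do not, so the default is false).
function framingAllowed(headerValue, pageUrl, parentUrl, allowFromSupported = false) {
  if (headerValue === null || headerValue.trim() === "") {
    return true; // no header: any site may frame the page
  }
  const value = headerValue.trim();
  const directive = value.split(/\s+/)[0].toUpperCase();
  switch (directive) {
    case "DENY":
      return false;
    case "SAMEORIGIN":
      return originOf(pageUrl) === originOf(parentUrl);
    case "ALLOW-FROM": {
      if (!allowFromSupported) {
        return true; // header is ignored, so it restricts nothing
      }
      const allowed = value.slice(directive.length).trim();
      try {
        return originOf(allowed) === originOf(parentUrl);
      } catch (e) {
        return false; // assumption: a malformed URI matches no parent
      }
    }
    default:
      return true; // unrecognised value: browsers ignore the header
  }
}

console.log("SAMEORIGIN, Drupal parent:", framingAllowed("SAMEORIGIN", UI_PAGE, DRUPAL_SITE));
console.log("ALLOW-FROM drupal, other parent, modern browser:",
  framingAllowed("ALLOW-FROM https://drupal.example/", UI_PAGE, OTHER_SITE));
```

The second call returns `true`: where ALLOW-FROM is not honoured, the page can be framed by any site, not only the listed one.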