[GeoNode-users] GeoServer X-Frame Options
Ramesh De Silva
desilvarami at gmail.com
Mon Mar 27 21:51:32 PDT 2023
Hi,
To protect against clickjacking attacks, X Frame option is set to
"SAMEHOST" in both GeoNode and GeoServer. I checked the Stable Demo GeoNode
and it is accordance with this. But in my local GeoNode, only GeoNode URLs
show the X-Frame header but not the GeoServer URLs. Please see the attached
image.
Can someone provide a guide to set the X Frame options in geoserver
container or possible reason for above behavior.
Thank you.
Kind Regards
Ramesh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20230328/59734f83/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: X-Frame Header.jpg
Type: image/jpeg
Size: 295464 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20230328/59734f83/attachment-0001.jpg>
More information about the geonode-users
mailing list