bitScry

  • Home
  • About
  • Blog
  • Contact

X-FRAME-OPTIONS

About this site

This is a blog to help me remember some of the coding challenges I’ve faced and hopefully help others out if they’re suffering the same problems.

Recent Posts
  • Cloning a Private Repository in a GitHub Workflow
  • Installing Multiple .NET Versions in GitHub Actions
  • Serving Images from Blob Storage in an Azure Function
  • Redis Caching in .NET
  • Passing Environment Variables From Docker to .NET Web App
Tag Cloud

.NET .NET Core AAD API ASP.NET Core Authentication Azure Azure Active Directory Azure Function Azure Storage Blob Bootstrap C# Console Application CSS DataTable Dependency Injection Dictionary Entity Framework Enum Extension Google GZip HTML Image JavaScript jQuery JSON List Middleware MVC Newtonsoft RestSharp Serilog SQL SSDT SSIS Stored Procedure Stream Table Table Storage Test Web App Web Application WordPress

Programming

X-FRAME-OPTIONS Response Header

I hadn’t previously realised this but MVC adds an X-FRAME-OPTIONS: SAMEORIGIN header to site page responses as part of a security measure to prevent sites running in iframes. These can be removed in ASP.NET 5 applications by modifying the relevant option in Startup.cs.

By Shinigami, 7 years9 March 2017 ago
  • Facebook
  • Twitter
  • Instagram
  • Email
Hestia | Developed by ThemeIsle