middleware_test.go
16.8 KB
-
Security: Add new setting allow_embedding (#16853) · 1c142752
When allow_embedding is false (default) the Grafana backend will set the http header `X-Frame-Options: deny` in all responses to non-static content which will instruct browser to not allow Grafana to be embedded in `<frame>`, `<iframe>`, `<embed>` or `<object>`. Closes #14189
Marcus Efraimsson committed