View definition

(SecureConfig).XFrameOptions

Defined in github.com/labstack/echo/middleware/secure.go

Description

XFrameOptions can be used to indicate whether or not a browser should be allowed to render a page in a <frame>, <iframe> or <object> . Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.provides protection against clickjacking. Optional. Default value "SAMEORIGIN". Possible values: - "SAMEORIGIN" - The page can only be displayed in a frame on the same origin as the page itself. - "DENY" - The page cannot be displayed in a frame, regardless of the site attempting to do so. - "ALLOW-FROM uri" - The page can only be displayed in a frame on the specified origin.

XFrameOptions is referenced in 1 repository

github.com/labstack/echo