Other: Remove the X-frame option to deny in HVR.
We are unable to render HVT UI inside an iframe. We are getting the below error
Refused to display 'http://host:4340/' in a frame because it set 'X-Frame-Options' to 'deny'.
curl -XGET localhost:4340 -v
* About to connect() to localhost port 4340 (#0)
* Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 4340 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.29.0
> Host: localhost:4340
> Accept: */*
>
< HTTP/1.1 200 OK
< Accept-Ranges: bytes
< Content-Length: 810
< Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;
< Content-Type: text/html; charset=utf-8
< Last-Modified: Mon, 13 May 2024 07:37:53 GMT
< Vary: Accept-Encoding
< X-Content-Type-Options: nosniff
< X-Frame-Options: DENY
< Date: Tue, 18 Jun 2024 06:07:50 GMT
The X-Frame-Options is set as DENY currently. This needs to be removed or updated to SAMEORIGIN if we want to display HVR UI inside a frame.
-
This will be addressed in 6.1.5/9 and 6.1.0/58 and above.
Thanks,
Mark.
Please sign in to leave a comment.
Comments
1 comment