...
config.js setting:
| Code Block | ||
|---|---|---|
| ||
// Remove headers that prevent Rich Display sessions from loading inside of an iframe.
customHttpHeaders: function(request, response) {
response.removeHeader("X-Frame-Options");
response.removeHeader("Content-Security-Policy");
} |
...
Content of customHttpHeaders.js:
| Code Block | ||
|---|---|---|
| ||
module.exports = function(request, response) {
// Allow pages to be inside of iframes if the parent iframe is the same response.removeHeader("X-Frame-Options");PJS server.
response.removeHeadersetHeader("Content-Security-Policy", "frame-ancestors " + profound.settings.host);
}; |
Click here for information on how to modify this setting.