...
request - the HTTP request object, which can be read to conditionally change headers.
response - the HTTP response object before it gets sent to the client.
The module is loaded upon server startup and cached like any Node.js module.
Example 1
config.js setting:
| Code Block | ||
|---|---|---|
| ||
// Remove headers that prevent Rich Display sessions from loading inside of an iframe.
customHttpHeaders: function(request, response) {
response.removeHeader("X-Frame-Options");
response.removeHeader("Content-Security-Policy");
} |
...
Content of customHttpHeaders.js:
| Code Block | ||
|---|---|---|
| ||
module.exports = function(request, response) {
response.removeHeader("X-Frame-Options");// Allow pages to be inside of iframes if the parent iframe is the same PJS server.
response.removeHeadersetHeader("Content-Security-Policy", "frame-ancestors " + profound.settings.host);
}; |
Click here for information on how to modify this setting.
customHttpHeaders is available in Profound.js versions after 7.4.0.