Re: [I] Cannot send Cross-Origin-Resource-Policy from embed code [superset]

via GitHub Tue, 23 Apr 2024 03:52:41 -0700


WaudoDavid commented on issue #27376:
URL: https://github.com/apache/superset/issues/27376#issuecomment-2071994774


   This will only work if you disable Talisman and set your own content 
security policy. 
   **TALISMAN_ENABLED = False
   
   #Allows any website to embed the iframe on its website
   #OVERRIDE_HTTP_HEADERS = { "X-Frame-Options": "ALLOWALL" }
   
   #Allows only your website to be the only website allowed to embed dashboards
   OVERRIDE_HTTP_HEADERS = { "Content-Security-Policy": "frame-ancestors 
http://your.domain.com;"; }
   
   # @loretoparisi** 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Re: [I] Cannot send Cross-Origin-Resource-Policy from embed code [superset]

Reply via email to