Re: Propagating X-Frame-Options header to debug view responses on errors

Thinking again: since it’s a debug view, Django could set the most permissive X-Frame-Options header on debug 500 responses. This would help every kind of framed view. If anyone agrees, we could make a ticket. On Fri, 28 Jan 2022 at 08:13, 'Ben Dickinson' via Django developers (Contributions to

Re: Propagating X-Frame-Options header to debug view responses on errors

Thanks Adam, that makes sense. The middleware is good idea, I hadn't thought of that. I think that's the way to go, at least that way we can keep it scoped to our URLs. Cheers! On Wednesday, 26 January 2022 at 19:04:33 UTC Adam Johnson wrote: > I was wondering if it would be possible to copy

Re: Propagating X-Frame-Options header to debug view responses on errors

> > I was wondering if it would be possible to copy the value of the > X-Frame-Options from the view that threw an error The problem here is that, because the view threw an error, there is no response object to copy the X-Frame-Options header from. So there's no way for the middleware to know

Propagating X-Frame-Options header to debug view responses on errors

Hi all, I'm one of the maintainers of django-pattern-library , which allows Django templates to be rendered with dummy context provided in static files. These rendered versions of the templates are show in an iframe, which means we have a