+4
Under Review

X-frame-option

mholmes 8 years ago updated by toffitomek 1 month ago 13

With the on-premise Linux-based version of ScreenConnect, I would like the ability to add the X-Frame-Options header without manually editing the Default.master file. This should be an option within the administrator configuration area.

Answer

Answer
Completed

Hi Mholmes,

We added the ability to add custom headers via extensions in 5.6. I'll send you over an example of how to add X-Frame-Options.

Answer
Completed

Hi Mholmes,

We added the ability to add custom headers via extensions in 5.6. I'll send you over an example of how to add X-Frame-Options.

any chance the rest of us can know how to do this? 

Hi Brandon,

I sent you an email containing the example.

can you send me the example as well?


Thanks,

Aaron

Hi Aaron, we actually just completed an extension entitled "X-Frame Options" that allows you to set the X-Frame-Options header for HTTP requests to DENY/SAMEORIGIN/ALLOW-FROM. It is now live on the marketplace. Please let us know if it meets your needs. 


-Max

+1

I found the Extension after hours of searching and finally finding this post.  His original request was to have this option in the Admin tab, not as an extension.  If it must be an extension, I'd like to see it include all the header options,  Like:


  • Content-Security-Policy
  • Feature-Policy
  • HSTS
  • Referrer-Policy
  • X-Content-Type-Options
  • X-Frame-Options
  • X-XSS-Protection

Thanks


+1

Is there anything for Feature-Policy or Referrer-Policy yet? 

If so can you please send it to me. 

We need to set headers as well, can someone please share most recent way to do it on self-hosted system?

thanks in advance