Override HTTP header's default settings (X-FRAME-OPTIONS) Override HTTP header's default settings (X-FRAME-OPTIONS) laravel laravel

Override HTTP header's default settings (X-FRAME-OPTIONS)


laravel http-headers laravel-4 x-frame-options

Laravel doesn't provide any configuration to disable this functionality.

According to Taylor Otwell, the only way to bypass it is by adding the following line into the start file:

App::forgetMiddleware('Illuminate\Http\FrameGuard');

The dirty solution is to comment the guilty line:

$response->headers->set('X-Frame-Options', 'SAMEORIGIN', false);

Edit (Jan 29th 2014): new info from Taylor Otwell on GitHub about next Laravel's policy.

Removing this by default in 4.2. Should be in an after filter - will leave FrameGuard class so people can add the middleware manually if they want.

laravel http-headers laravel-4 x-frame-options

The third parameter of the header method should serve your needs.

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last