X-Frame-Options in nginx to allow all domains
Solved it by changing proxy_hide_header values in /etc/nginx/sites-available/default
file like so:
proxy_hide_header X-Frame-Options;
Needed to restart nginx
as well as use pm2
to restart my nodejs
server (for some reason, it didn't work till I made a small change to my server and restarted it).
add_header X-Frame-Options "";
did the trick for me in nginx 1.12.
Found this header in /etc/nginx/snippets/ssl-params.conf
Just needed to comment out the line:
# add_header X-Frame-Options DENY;