Frame-ancestors policy for site whitelisting
under review
Karthikeyan J
This is created on behalf of Othman Abdelmoumene
X-Frame: When X-Frame is enabled and the knowledge base site can be embedded if the origin of the site is same. However, the term "origin" encompasses the protocol, domain, and port. When the site and KB site has distinct origins, the browser automatically block any framing attempts. Also X-Frame-Options has been largely superseded by the Content Security Policy (CSP).
We can have an option to white-list the specific sites in which the knowledge base site can be embedded. This can be achieved through the implementation of "Content Security Policy (CSP)," which facilitates the establishment of a frame-ancestors policy for site whitelisting.
Thank you.
Log In
Shakeer Hussain S
under review
Shakeer Hussain S
Hi Othman Karthikeyan - Thank you for bringing this feature request to our attention. At present, we are keeping track of all such unique requests to gauge overall customer interest. We will continue to review your request for its traction among our user base. Once we observe a growing demand for this feature, we will certainly consider prioritizing its development.