Good afternoon,
The documentation does not say anything about clickjacking protection.
Is there an integrated way to customize the X-Frame-Options header that should be set on all web pages returned by our site served by girder ?
Thank you
There’s nothing built into Girder for this. We normally deploy into production behind a reverse proxy such as nginx, which is a reasonable place to inject headers like this into responses. For nginx, see the add header directive.
Thank you, that is what I wanted to know.