Dashboards & Visualizations

X-Frame-Options - remove deny, set sameorigin

darioapis
Explorer

Hi, my problem is explained in the heading. I need to remove X-Frame-Options: deny from the HTTP header and change it to sameorigin. Possible it is in web.conf. Any help is advisable.

Tags (1)
0 Karma
1 Solution

chrisyounger
SplunkTrust
SplunkTrust

You can't set it to sameorigin. You can only remove the header all together as you have seen by changing web.conf and setting x_frame_options_sameorigin = false. This will mean you can then embed Splunk in a frame if you want.

If it is important that you set the header to be sameorigin then you would need to use something like a nginx proxy over the top of Splunk. (fairly easy to do)

View solution in original post

chrisyounger
SplunkTrust
SplunkTrust

You can't set it to sameorigin. You can only remove the header all together as you have seen by changing web.conf and setting x_frame_options_sameorigin = false. This will mean you can then embed Splunk in a frame if you want.

If it is important that you set the header to be sameorigin then you would need to use something like a nginx proxy over the top of Splunk. (fairly easy to do)

Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...