It's not the same without you
Join the community to find out what other Atlassian users are discussing, debating and creating.
Does confluence cloud allow changing x-frame-options header ?
Currently its set to SAMEORIGIN, and prevents any confluence page to be embedded in an iframe from a different domain.
I think Confluence Server is not a problem as we get to control the environment. But my question is specifically about Confluence Cloud. I'm looking for a way to change the header to allow from few safe authorized urls, as mentioned in the specs - https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options
Do we have access to Tomcat settings in Confluence Cloud? I mean when I signup for confluence on atlassian.net do we get access to change anything on the server? From Confluence Admin settings I don't see an option to change anything for Tomcat / Java etc.
Sure Nic, then we are same page, because anything that as a customer I can't change (even can't hack) is essentially considered not possible in my opinion.
I see you have a enhancement ticket opened here - https://jira.atlassian.com/browse/CONF-40640 in which you mention confluence.clickjacking.protection.disable as a way, but unless customer has a way to set this property, essentially there is no way, isn't? I'll +1 on your ticket, as this looks like a very important enhancement request to enable reusing confluence pages by embedding them elsewhere.
This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.
Read moreHi Community! Kesha (kay-sha) from the Confluence marketing team here! Can you share stories with us on how your non-technical (think Marketing, Sales, HR, legal, etc.) teams are using Confluen...
Connect with like-minded Atlassian users at free events near you!
Find a groupConnect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.
Start an AUGYou're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.