Does confluence cloud allow changing x-frame-options header ?
Currently its set to SAMEORIGIN, and prevents any confluence page to be embedded in an iframe from a different domain.
I think Confluence Server is not a problem as we get to control the environment. But my question is specifically about Confluence Cloud. I'm looking for a way to change the header to allow from few safe authorized urls, as mentioned in the specs - https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options
Sure Nic, then we are same page, because anything that as a customer I can't change (even can't hack) is essentially considered not possible in my opinion.
I see you have a enhancement ticket opened here - https://jira.atlassian.com/browse/CONF-40640 in which you mention confluence.clickjacking.protection.disable as a way, but unless customer has a way to set this property, essentially there is no way, isn't? I'll +1 on your ticket, as this looks like a very important enhancement request to enable reusing confluence pages by embedding them elsewhere.
Hi my Community friends! For those who don't know me, I'm a product marketer on the Confluence Cloud team - nice to meet you! For those of you who do, you know that I've been all up in your Co...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs