diff options
| author | Simeon J Morgan <smorgan@digitalfeed.net> | 2015-06-02 14:11:01 +1000 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2015-06-02 09:01:38 -0400 |
| commit | 0b5fb8e72c74e41d250f35c8c3df3f3a13d367f3 (patch) | |
| tree | 1dad023f53115538a0758fbcd141e22dc902c894 | |
| parent | 44f3ee77166bd5c0e8a4604f2d96015268dce100 (diff) | |
Fixed #24896 -- Doc'd clickjacking protection doesn't overwrite X-Frame-Options header.
| -rw-r--r-- | docs/ref/clickjacking.txt | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/docs/ref/clickjacking.txt b/docs/ref/clickjacking.txt index b7ba915eee..06d264c115 100644 --- a/docs/ref/clickjacking.txt +++ b/docs/ref/clickjacking.txt @@ -45,6 +45,9 @@ site: 2. A set of view decorators that can be used to override the middleware or to only set the header for certain views. +The ``X-Frame-Options`` HTTP header will only be set by the middleware or view +decorators if it is not already present in the response. + How to use it ============= |