Commit f758438e authored by GitLab's avatar GitLab

Revert "Set x-frame-option to sameorigin to allow the Sidekiq iframe to display."

This reverts commit 754b0838.

Sidekiq rendered via mounted sinatra app. We don't need to change
controller headers. It won't affect sidekiq at all. Please modify nginx
config instead for all gitlab app.
parent 754b0838
......@@ -13,7 +13,6 @@ v 7.0.0
- Group masters can create projects in group
- Deprecate ruby 1.9.3 support
- Only masters can rewrite/remove git tags
- Header X-Frame-Options allows SAMEORIGIN to display the Sidekiq interface
v 6.9.2
- Revert the commit that broke the LDAP user filter
......
......@@ -164,7 +164,7 @@ class ApplicationController < ActionController::Base
end
def default_headers
headers['X-Frame-Options'] = 'SAMEORIGIN' # Allow for the Sidekiq iframe in /admin/background_jobs
headers['X-Frame-Options'] = 'DENY'
headers['X-XSS-Protection'] = '1; mode=block'
headers['X-UA-Compatible'] = 'IE=edge'
headers['X-Content-Type-Options'] = 'nosniff'
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment