p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fixed #24896 -- Doc'd clickjacking protection doesn't overwrite X-Frame-Options header.

This commit is contained in:
Simeon J Morgan 2015-06-02 14:11:01 +10:00 committed by Tim Graham
parent 44f3ee7716
commit 0b5fb8e72c
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
docs/ref/clickjacking.txt
View File

@ -45,6 +45,9 @@ site:
2. A set of view decorators that can be used to override the middleware or to 2. A set of view decorators that can be used to override the middleware or to
only set the header for certain views. only set the header for certain views.
The ``X-Frame-Options`` HTTP header will only be set by the middleware or view
decorators if it is not already present in the response.
How to use it How to use it
============= =============