Forum Discussion
Zeeshan_Ahmad_1
Dec 10, 2015Nimbostratus
Hi Darshan,
Note that in X-Frame-Options header Allow-From token does not support wildcards or listing of multiple origins and it is not supported by couple of browsers as well, you can use the below irule where you can mention the URL from where you want to make it accessible
when HTTP_RESPONSE {
HTTP::header replace X-Frame-Options "ALLOW-FROM http://www.mysite.com"
}