Skip to content

Commit

Permalink
Remove deprecated_inline from X-Frame-Options SAMEORIGIN (#37775)
Browse files Browse the repository at this point in the history
  • Loading branch information
@lukewarlow
lukewarlow authored Jan 23, 2025
1 parent 8c47156 commit ca0ac39
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion files/en-us/web/http/headers/x-frame-options/index.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ If you specify `DENY`, not only will the browser attempt to load the page in a f

- `DENY`
- : The page cannot be displayed in a frame, regardless of the site attempting to do so.
- `SAMEORIGIN` {{deprecated_inline}}
- `SAMEORIGIN`
- : The page can only be displayed if all ancestor frames are same origin to the page itself.
- `ALLOW-FROM origin` {{deprecated_inline}}
- : This is an obsolete directive. Modern browsers that encounter response headers with this directive will ignore the header completely. The {{HTTPHeader("Content-Security-Policy")}} HTTP header has a {{HTTPHeader("Content-Security-Policy/frame-ancestors", "frame-ancestors")}} directive which you should use instead.
Expand Down

0 comments on commit ca0ac39

Please sign in to comment.