Dennis Thompson created ZEPPELIN-3714:
-----------------------------------------
Summary: Add header option for Content-Security-Policy
Key: ZEPPELIN-3714
URL: https://issues.apache.org/jira/browse/ZEPPELIN-3714
Project: Zeppelin
Issue Type: Bug
Components: conf
Affects Versions: 0.7.3
Reporter: Dennis Thompson
Fix For: 0.8.1
Chrome doesn't support {{ALLOWED-FROM}} on {{X-Frame-Origins}} header which can
cause troubles when Zeppelin is embedded in an app as an {{iframe}}. Adding
this as an option solves the problem for allowed origins on Chrome, but will
also not interferer with IE/Edge support.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
