On 10/04/18 11:42, [email protected] wrote:
it to work via web.xml by overriding the existing policy with
httpHeaderSecurity. It works for changing it from "SAMEORIGIN" to
“DENY" but what I need is "ALLOW-ALL *”, which it does not work. Once
I set it to "ALLOW-ALL *", it no longer starts up.
allow-all is not a valid directive, you probably want "allow-from *",
see:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
_______________________________________________
Geoserver-users mailing list
Please make sure you read the following two resources before posting to this
list:
- Earning your support instead of buying it, but Ian Turton:
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines:
http://geoserver.org/comm/userlist-guidelines.html
If you want to request a feature or an improvement, also see this:
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
