Disable x-frame-options in drupal 7.50

Report Inappropriate Content · 12-26-2016 12:29 AM

@seshi Im using developer portal version with drupal version 7.50 .

I go to path /var/www/html/sites/default

and update settings.php and default.settings.php with $conf['x_frame_options'] = '';

However i am still getting this header in teh response when hitting developer portal URL .

Could you please suggest how do i disable this variable as i want to open developer portal link in an iframe from a third party trusted application.

regards

Arpit

zubermohammad

Hi @ARPIT SHARMA,

You can use the "SecKit" module of drupal to control this header simply through drupal configurations.

This will be a cleaner approach. SecKit also provides some more security related features.

Set the X-Frame-Options to Disabled to stop sending it in response headers.

Other options include .htaccess directives for header restrictions.

Add below lines to .HTACCESS file

Header unset X-Frame-Options

Hope this helps!

Report Inappropriate Content

Hi @Mohammed Zuber ,Thanks for the reply ,could you please let me know where to find stable version of seckit module and instructions to instal the same

zubermohammad

Hi @ARPIT SHARMA,

Please refer this link for drupal module installation and activation.

https://community.apigee.com/questions/3289/how-do-i-add-a-new-drupal-module-in-the-developer.html

To get the stable version of SecKit. You can check the drupal community project here:

https://www.drupal.org/project/seckit