1
0
mirror of https://github.com/django/django.git synced 2025-04-01 12:06:43 +00:00

Refs #30426 -- Updated XFrameOptionsMiddleware docstring.

Follow up to 05d0eca635853564c57e639ac5590674a7de2ed6.
This commit is contained in:
Clemens Wolff 2022-04-29 15:17:27 -04:00 committed by GitHub
parent b34238addc
commit f0ba799edf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -16,10 +16,10 @@ class XFrameOptionsMiddleware(MiddlewareMixin):
Do not set the header if it's already set or if the response contains
a xframe_options_exempt value set to True.
By default, set the X-Frame-Options header to 'SAMEORIGIN', meaning the
response can only be loaded on a frame within the same site. To prevent the
response from being loaded in a frame in any site, set X_FRAME_OPTIONS in
your project's Django settings to 'DENY'.
By default, set the X-Frame-Options header to 'DENY', meaning the response
cannot be displayed in a frame, regardless of the site attempting to do so.
To enable the response to be loaded on a frame within the same site, set
X_FRAME_OPTIONS in your project's Django settings to 'SAMEORIGIN'.
"""
def process_response(self, request, response):