I have a Visualforce page that I want to make safe for framing in an iframe on another page I own. I want to specify X-FRAME-OPTIONS to allow access from my framing domain. Many HTTP response header settings can be set by using a <meta http-equiv="" content="">, but X-FRAME-OPTIONS is cannot, due to security risks (the meta tag might not be evaluated until after some of the page has been rendered).
Is there any way to specify X-FRAME-OPTIONS for a Visualforce page? Is there a setting in Salesforce I can change? Is there any Visualforce code I can insert?
I have a Visualforce page that I want to make safe for framing in an iframe on another page I own. I want to specify X-FRAME-OPTIONS to allow access from my framing domain. Many HTTP response header settings can be set by using a <meta http-equiv="" content="">, but X-FRAME-OPTIONS is cannot, due to security risks (the meta tag might not be evaluated until after some of the page has been rendered).
Is there any way to specify X-FRAME-OPTIONS for a Visualforce page? Is there a setting in Salesforce I can change? Is there any Visualforce code I can insert?
