diff options
Diffstat (limited to 'Documentation/config-gerrit.txt')
-rw-r--r-- | Documentation/config-gerrit.txt | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/Documentation/config-gerrit.txt b/Documentation/config-gerrit.txt index 531bb94f7c..006af8607c 100644 --- a/Documentation/config-gerrit.txt +++ b/Documentation/config-gerrit.txt @@ -2086,6 +2086,25 @@ Setting this option to true will prevent this behavior. + By default false. +[[gerrit.xframeOption]]gerrit.xframeOption:: ++ +Add link:https://tools.ietf.org/html/rfc7034[`X-Frame-Options`] header to all HTTP +responses. The `X-Frame-Options` HTTP response header can be used to indicate +whether or not a browser should be allowed to render a page in a +`<frame>`, `<iframe>`, `<embed>` or `<object>`. ++ +Available values: ++ +1. ALLOW - The page can be displayed in a frame. +2. SAMEORIGIN - The page can only be displayed in a frame on the same origin as the page itself. ++ +If link:#gerrit.canLoadInIFrame is set to false this option is ignored and the +`X-Frame-Options` header is always set to `DENY`. +Setting this option to `ALLOW` will cause the `X-Frame-Options` header to be omitted +the the page can be displayed in a frame. ++ +By default SAMEORIGIN. + [[gerrit.cdnPath]]gerrit.cdnPath:: + Path prefix for PolyGerrit's static resources if using a CDN. |