

Ask PG: HN X-Frame-Options - ecesena

I've noticed that HN now has X-Frame-Options=deny. May I ask what made it necessary?
======
pasbesoin
I haven't had time to explore this, yet, but I suspect this change has broken
my use of a Firefox extension.

In turn, I've wondered whether it would be acceptable to change the value to
"SAMEORIGIN", which I believe would fix my use case.

[https://developer.mozilla.org/en-US/docs/The_X-FRAME-
OPTIONS...](https://developer.mozilla.org/en-US/docs/The_X-FRAME-
OPTIONS_response_header)

<https://blog.whitehatsec.com/x-frame-options/>

