Adobe Connect User Community

#1 2016-10-20 16:15:57

Todd Shelton

Setting Configure X-Frames Options does not create the correct header

In Adobe Connect (cloud) setting Configure X-Frames Options to SAMEORIGIN does not create the correct HTTP header, which should be X-Frame-Options: SAMEHEADER. 

In fact, it appears to have no effect at all. 

We need this to work because without this header, our landing pages fail vulnerability testing at one of our customers ( a large software company). 

Setting this option restricts IFrames, and SAMEORIGIN restricts them to the same domain. 

This is a pretty common security vulnerability, and Connect looks like it has provision for it.  Has anyone else run across this and successfully configured it? 



Board footer