#24896 closed Cleanup/optimization (fixed)
Clickjacking doc doesn't specify middleware/view decorator behaviour when X-Frame-Options header is already set.
| Reported by: | wsot | Owned by: | nobody |
|---|---|---|---|
| Component: | Documentation | Version: | 1.8 |
| Severity: | Normal | Keywords: | |
| Cc: | Triage Stage: | Unreviewed | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
On the page https://docs.djangoproject.com/en/1.8/ref/clickjacking/ it is not specified what the behaviour of the view decorators and middleware is when the X-Frame-Options HTTP header is already present.
(The behaviour is that if the header is already present, it is left unmodified)
Note:
See TracTickets
for help on using tickets.
In 0b5fb8e: