Show More
| @@ -186,10 +186,14 b' IFrame embedding' | |||||
| 186 | The IPython Notebook and its APIs by default will only be allowed to be |
|
186 | The IPython Notebook and its APIs by default will only be allowed to be | |
| 187 | embedded in an iframe on the same origin. |
|
187 | embedded in an iframe on the same origin. | |
| 188 |
|
188 | |||
| 189 | To override this, set ``headers[X-Frame-Options]`` to one of |
|
189 | Override ``headers['Content-Security-Policy']`` within your notebook | |
|
|
190 | configuration to extend for alternate domains and security settings.:: | |||
| 190 |
|
|
191 | ||
| 191 | * DENY |
|
192 | c.NotebookApp.tornado_settings = { | |
| 192 | * SAMEORIGIN |
|
193 | 'headers': { | |
| 193 | * ALLOW-FROM uri |
|
194 | 'Content-Security-Policy': "default-src 'self' *.jupyter.org | |
|
|
195 | } | |||
|
|
196 | } | |||
| 194 |
|
|
197 | ||
| 195 | See `Mozilla's guide to X-Frame-Options <https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options>`_ for more examples. |
|
198 | For a more thorough and accurate guide on Content Security Policies, check out | |
|
|
199 | `MDN's Using Content Security Policy <https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Using_Content_Security_Policy>`_ for more examples. | |||
General Comments 0
You need to be logged in to leave comments.
Login now