mirror of
https://github.com/home-assistant/home-assistant.io.git
synced 2025-07-09 18:36:51 +00:00
Document use_x_frame_options http configuration option (#28453)
This commit is contained in:
parent
5aaee9675d
commit
4ca99a003e
@ -62,6 +62,11 @@ use_x_forwarded_for:
|
||||
required: false
|
||||
type: boolean
|
||||
default: false
|
||||
use_x_frame_options:
|
||||
description: "Controls the `X-Frame-Options` header to help prevent [clickjacking](https://en.wikipedia.org/wiki/Clickjacking)."
|
||||
required: false
|
||||
type: boolean
|
||||
default: true
|
||||
trusted_proxies:
|
||||
description: "List of trusted proxies, consisting of IP addresses or networks, that are allowed to set the `X-Forwarded-For` header. This is required when using `use_x_forwarded_for` because all requests to Home Assistant, regardless of source, will arrive from the reverse proxy IP address. Therefore in a reverse proxy scenario, this option should be set with extreme care. If the immediate upstream proxy is not in the list, the request will be rejected. If any other intermediate proxy is not in the list, the first untrusted proxy will be considered the client."
|
||||
required: false
|
||||
|
Loading…
x
Reference in New Issue
Block a user