Forum Discussion
kimhenriksen
Cirrostratus
CirrostratusRemoving x-frame-options header from response when using APM
Hey everyone! We have an application that uses iframe to load another site that´s apm protected, but the default x-frame-options deny blocks this. Anyone have any ideas on how to bypass this (withou...
This should do the trick.
when CLIENT_ACCEPTED { ACCESS::restrict_irule_events disable } when HTTP_RESPONSE_RELEASE { HTTP::header remove "x-frame-options" }The apm policy fires always if it is attached to the vs, unless you add an ACCESS::disable anywhere.
Why ACCESS::restrict_irule_events is required: https://clouddocs.f5.com/api/irules/ACCESS__restrict_irule_events.html
kimhenriksenCirrostratus
CirrostratusThat´s a negative on that, your irule was almost identical to mine .. except for the first event. But what i added that, the apm policy doesnt fire at all... When i access the vip there is nothing.
Juergen_Mang
MVP
MVPThe apm policy fires always if it is attached to the vs, unless you add an ACCESS::disable anywhere.
Why ACCESS::restrict_irule_events is required: https://clouddocs.f5.com/api/irules/ACCESS__restrict_irule_events.html
- kimhenriksen
Yes, we had some other issues.. and they just appeared at the same time. The first part was what i was missing, so this will not be forgotten in the future.
when CLIENT_ACCEPTED { ACCESS::restrict_irule_events disable }