Grafana cloud public dashboards and X-Frame-Options: deny

Is it possible to have a public dashboard without the “X-Frame-Options: deny” http response header ?
We have grafana cloud version: 10.0.1-cloud.3.f250259e


Hi @iantory !

Removing or modifying the X-Frame-Options: deny is not currently supported in Grafana Cloud due to security concerns. We do have a feature request open for this if/when security issues are addressed.

This is a setting you can choose to allow in a self-managed Grafana environment with Grafana open source software license. Please be aware of the vulnerability referenced in the configuration doc below:

I will also request for the limitations section of the Public Dashboards documentation to be updated with this information.

OK thanks for clarifying