Is it possible to have a public dashboard without the “X-Frame-Options: deny” http response header ?
We have grafana cloud version: 10.0.1-cloud.3.f250259e
Thanks
Hi @iantory !
Removing or modifying the X-Frame-Options: deny is not currently supported in Grafana Cloud due to security concerns. We do have a feature request open for this if/when security issues are addressed.
This is a setting you can choose to allow in a self-managed Grafana environment with Grafana open source software license. Please be aware of the vulnerability referenced in the configuration doc below:
I will also request for the limitations section of the Public Dashboards documentation to be updated with this information.
OK thanks for clarifying