Documentation
Documentation
Rocketium Code
Rocketium Button
Documentation
Documentation
Rocketium introduction
Campaign - BANNER , VIDEO CREATION
About Campaign
Design
Automate
Manage, share and review
Run campaigns
FAQ
More details
Code - Banner, video creation API
Quick start
Documentation
FAQ
Button - White-label banner, video creator
Quick start
Documentation
FAQ
Best Practices/ Recipes
Studio - Banner, video creator
Workspaces
Template Selection
Editor
Media Library
Account Settings
Store
Powered by GitBook

Best Practices/ Recipes

X-Frame-Options

The button product works perfectly well with the chrome browser, but on the firefox browser the button needs an additional x-frame option to be entered to make the function better.

The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame>, <iframe>, <embed> or <object>. Sites can use this to avoid click-jacking attacks, by ensuring that their content is not embedded into other sites.

The added security is provided only if the user accessing the document is using a browser that supports X-Frame-Options. ALLOW-FROM uri The legacy Firefox implementation still suffered from a problem, it doesn't check the frame ancestors to see if they are in the same origin. The Content-Security-Policy HTTP header has a frame-ancestors directive which you can use instead. We can add the following to the specification depending on the web engine :- X-Frame-Options : 'ALLOW-FROM https://rocketium.com' For Nginx It is either add_header X-Frame-Options 'ALLOW-FROM https://rocketium.com'; or proxy_set_header X-Frame-Options 'ALLOW-FROM https://rocketium.com'; For Apache Header always set X-Frame-Options "ALLOW-FROM https://rocketium.com"

Button - White-label banner, video creator - Previous
FAQ
Next - Studio - Banner, video creator
Workspaces
Last updated 1 year ago