From 1d9d96f467b6f544326b87e1112326b6162b3fe1 Mon Sep 17 00:00:00 2001
From: Philip Sargent <philip.sargent@klebos.com>
Date: Tue, 4 May 2021 14:17:07 +0100
Subject: [PATCH] IFRAMES chnaged to DENY

---
 settings.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/settings.py b/settings.py
index 7f53835..218c27d 100644
--- a/settings.py
+++ b/settings.py
@@ -122,7 +122,7 @@ SECURE_CONTENT_TYPE_NOSNIFF = True
 SECURE_BROWSER_XSS_FILTER = True
 # SESSION_COOKIE_SECURE = True # if enabled, cannot login to Django control panel, bug elsewhere?
 # CSRF_COOKIE_SECURE = True # if enabled only sends cookies over SSL
-X_FRAME_OPTIONS = 'SAMEORIGIN'  # change to "DENY" after we eliminate all the iframes e.g. /xmlvalid.html
+X_FRAME_OPTIONS = 'DENY'  # changed to "DENY" after I eliminated all the iframes e.g. /xmlvalid.html
 
 DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' # from Django 3.2