From: Thomas Heller <thomas.heller@pixelpark.com>
Date: Tue, 11 Oct 2016 09:22:14 +0000 (+0200)
Subject: bkk-vbu - new header config
X-Git-Tag: v0.1.0~4012
X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=99e3661401efb1f0e23f12ff60496fd78913acb7;p=pixelpark%2Fhiera.git

bkk-vbu - new header config
---

diff --git a/customer/bkk-vbu/dev-web01-meine-krankenkasse-de.pixelpark.net.yaml b/customer/bkk-vbu/dev-web01-meine-krankenkasse-de.pixelpark.net.yaml
index beaf3150..474defaf 100644
--- a/customer/bkk-vbu/dev-web01-meine-krankenkasse-de.pixelpark.net.yaml
+++ b/customer/bkk-vbu/dev-web01-meine-krankenkasse-de.pixelpark.net.yaml
@@ -47,7 +47,7 @@ site::profile::apache::pp_vhosts:
       - 'always unset "X-Powered-By"'
       - 'set X-Content-Type-Options: nosniff'
       - 'set X-XSS-Protection: "1; mode=block"'
-      - 'set X-Frame-Options: DENY'
+      - 'set X-Frame-Options: ALLOW-FROM https://dev-cms01-meine-krankenkasse-de.pixelpark.net'
       - "set Content-Security-Policy: \"default-src 'self'; img-src 'self' webstats.pixelpark.com data:; font-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' webstats.pixelpark.com; child-src 'self'; frame-ancestors 'self'\""
       - "set X-Content-Security-Policy: \"default-src 'self'; img-src 'self' webstats.pixelpark.com data:; font-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' webstats.pixelpark.com; child-src 'self'; frame-ancestors 'self'\""
     headers_ssl: