I'm trying to implement Facebook login on a site I am building. I have got everything working except for one thing in development. The current X-Frame-Options header is set to sameorigin which means it won't allow Facebook login to be embedded in my website.

I want to add this header to all responses sent by Flask to the browser:

X-Frame-Options: allow-from https://www.facebook.com/

Can anyone point me in the right direction please as to how to do this?

I thought middleware might be an option, but I'm not sure if there is a better option or not?

0 Answers