remove X-Frame-Options=SAMEORIGIN header to match gnomad browser, and…

… to allow embedding in other portals
konradjk · Mar 21, 2017 · a212465 · a212465
1 parent 01fd36d
commit a212465
Showing 1 changed file with 0 additions and 7 deletions.
diff --git a/exac.py b/exac.py
@@ -922,13 +922,6 @@ def read_viz_files(path):
     return rv
 
 
-@app.after_request
-def apply_caching(response):
-    # prevent click-jacking vulnerability identified by BITs
-    response.headers["X-Frame-Options"] = "SAMEORIGIN"
-    return response
-
-
 if __name__ == "__main__":
     runner = Runner(app)  # adds Flask command line options for setting host, port, etc.
     runner.run()