Tips & Tricks
      Back to home
      1. Help Center
      2. Developers
      3. Tips & Tricks

      Create custom headers to enable functionality

      There are times when a need arises to enable certain script functionality in support of development of a campaign.

      Let's say, for example, there is a page where you need to present content from your site in an iframe. When examining the response headers in your browser network developer tools, you see: X-Frame-Options: Deny

      So in this case your iframe content is blocked by the browser even though requesting content from the same domain.

      Solution:  Use a SiteSpect Origin Header Variation to send X-Frame-Options: SAMEORIGIN

       

      In a similar situation where to you need to change your Content-Security-Policy to enable running a script, capture what is being sent from your browser network developer tools, place into a text file, make the updates, and use a SiteSpect Origin Header Variation to send an updated CSP header.

       

      Another example of using an Origin Header Variation is for Set-Cookie.