Contact Us


Pendo Help CenterInstallationX-Frame-Options header

X-Frame-Options header

We strongly recommend using the frame-ancestors directive from the official Content Security Policy (CSP) Level 2 specification instead of using the unofficial X-FRAME-OPTIONS header.

If switching to CSP is not an option, you can still use the Pendo in-app designer one of two ways:

Chrome Plugin

Ignore X-Frame-Headers extension

Firefox Plugin

Ignore X-Frame-Headers extension


Since X-FRAME-OPTIONS is not an official standard, there are various implementations which may not support this value. We tested this on Firefox 43.

You must specify the URI. Note you can only include one URI per ALLOW-FROM separated by semi-colon.

X-Frame-Options: ALLOW-FROM

© 2019 Pendo  |  Terms of Service  |  Privacy Policy