I am trying to get contents served via traefik displayed as an iframe. Therefore i set the customFrameOptionsValue
label for the backend container, so that traefik sends the x-frame-options
header.
This is my label setting for the specific upstream docker container:
traefik.http.routers.homepage.rule: "Host(`www.{{ traefik_domain }}`)"
traefik.http.routers.homepage.entrypoints: "https"
traefik.http.routers.homepage.service: "homepage"
traefik.http.routers.homepage.tls.certresolver: "le-tls"
traefik.http.services.homepage.loadbalancer.server.port: "80"
traefik.http.services.homepage.loadbalancer.passHostHeader: 'true'
traefik.http.middlewares.homepage.headers.customFrameOptionsValue: "allow-from https://www.qrz.com/db/do1ttk https://www.qrz.com"
traefik.http.middlewares.homepage.headers.contentSecurityPolicy: "frame-ancestors https://www.qrz.com/db/do1ttk https://www.qrz.com"
However, the content is not displayed in the target iframe, and when i look at the headers sent out via the Chrome Dev tools, i see that the x-frame-options
header is still set to SAMEORIGIN
.
What am i missing here?