d11n 23761eacc1 Unset X-Frame-Options header correctly (#4721) ...

* Unset X-Frame-Options header correctly

According to the [spec](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) there are onlye the `DENY` and `SAMEORIGIN` options, `ALLOW-FROM` being deprecated. Hence we have to actively unset the header, as we made `DENY` the default.

This also unsets the X-Frame-Options header for the public form pages, which fixes #4666.

* Ignore anti forgery token in Forms

---------

Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com>

2023-03-01 15:27:18 +09:00

..

Models

POS improvements (#4668)

2023-02-23 09:52:37 +01:00

FormComponentProviders.cs

POS improvements (#4668)

2023-02-23 09:52:37 +01:00

FormDataExtensions.cs

Start using JSONB column instead of app side compressed data (#4574)

2023-02-21 15:06:34 +09:00

FormDataService.cs

Apply branding to custom forms (#4697)

2023-02-23 14:35:29 +01:00

HtmlFieldsetFormProvider.cs

Code formatting updates (#4502)

2023-01-06 22:18:07 +09:00

HtmlInputFormProvider.cs

Code formatting updates (#4502)

2023-01-06 22:18:07 +09:00

IFormComponentProvider.cs

Propagate the ModelState errors on dynamic forms

2022-11-25 18:32:40 +09:00

ModifyForm.cs

Generic Forms (#4561)

2023-02-20 19:35:54 +09:00

UIFormsController.cs

Unset X-Frame-Options header correctly (#4721)

2023-03-01 15:27:18 +09:00