`X-frame-options: Deny` or `Content-Security-Policy: frame-ancestors none` with Google Search Images
JulioJu opened this issue · comments
Hi,
I'm searching sources that said that X-frame-options: Deny
or Content-Security-Policy: frame-ancestors none;
on html files could cause problems with Google Search Images, but I don't found.
server-configs-nginx/h5bp/security/x-frame-options.conf
Lines 16 to 19 in d249bf2
Could you give me your source please ?
I don't understand why forbid to embed the website in iframe in another website could cause troubleshooting with Google Images.
Thanks in advance :-)
I feel that maybe someone was mixing up frames and images. Search results would link to the website's images, but it wouldn't embed parts of the page as an iframe...
I suppose the sort of legitimate uses that it was meant to talk might be things more along the lines of overlaid translations or some kind of feature that allows you to annotate over another website, or a presentation tool that displays a web page alongside some additional information in a sidebar, etc.
Thanks for opening this issue @JulioJu.
If I remember well, at the time of writing this comment, Google Image Search was actually embeding websites with iframes to allow user to see in-situ image usage.
It's definitely not the case anymore, so probably this ref needs to be removed.
Pull-request to fix that? 🙂
Thanks for your answer 😃 .
Ok I do it 😄