Graylog 5.0.7 says connection refused but works if I use /graylog/ context path

Hello There,

I am using Graylog 5.0.7 along with MongoDB 5.0.12 and OpenSearch 2.0.1, and it has been configured to one of our applications. When I click from our application page it gives connection refused, but when I access it with http://mydomain.com/graylog/ it works fine.

I inspected the page and it gives the error below:
Refused to display 'https://mydomain.com/' in a frame because it set multiple 'X-Frame-Options' headers with conflicting values ('SAMEORIGIN, DENY'). Falling back to 'deny'.

I have the bind address configured as 0.0.0.0:9000, also we are using any proxy.

Can you please let me know if anything can be done so that if I click on the Graylog icon from my page it opens? This was a working scenario when I was using Graylog 4.3.3.

Has anything changed from 4.3.3 to 5.0.7 with respect to accessing Graylog?

Please guide,

Regards,
SAM

Can you clarify what this means: “it has been configured to one of our applications, when I click from our application page it gives connection refused”?

Are you embedding the Graylog web interface page in an HTML frame?

I did a bit of digging and found an http_allow_embedding server configuration option (configured via server.conf).

While I didn’t find this value on the Server.conf documentation page, I did find it on the Upgrading to Graylog 5.0.x page.

To prevent click-jacking, we are now preventing the frontend from being embedded in <frame>/<iframe>/etc. elements by sending the X-Frame-Options header with all HTTP responses. The header value depends on the new configuration setting http_allow_embedding.

If you want to be able to embed the Graylog frontend in another HTML page, you most likely want to set http_allow_embedding to true. Only do this if you are aware of the implications!

Hope that helps!


Hello

Thank you for your help. There was a configuration we had to adjust in our front-end application; we resolved this by setting

w.Header().Set("Content-Security-Policy", "frame-ancestors 'self'")

Regards,
SAM
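
How a browser resolves the headers discussed in this thread, as an added example (not code from the thread or from Graylog): the hypothetical helper `framingPolicy` follows the HTML Standard's framing check, where an enforced `frame-ancestors` directive takes precedence over `X-Frame-Options` and conflicting `X-Frame-Options` values fall back to deny. The header values in `main` are constructed.

```go
package main

import (
	"fmt"
	"net/http"
	"strings"
)

// framingPolicy approximates the HTML Standard's framing check for one response.
// An enforced CSP frame-ancestors directive wins and X-Frame-Options is ignored.
// Simplification: only the first policy carrying frame-ancestors is reported.
func framingPolicy(h http.Header) string {
	for _, policy := range h.Values("Content-Security-Policy") {
		for _, directive := range strings.Split(policy, ";") {
			f := strings.Fields(directive)
			if len(f) > 0 && strings.EqualFold(f[0], "frame-ancestors") {
				return "csp: " + strings.Join(f[1:], " ")
			}
		}
	}
	// Collect the distinct X-Frame-Options values across all header lines.
	seen := map[string]bool{}
	for _, line := range h.Values("X-Frame-Options") {
		for _, v := range strings.Split(line, ",") {
			if v = strings.ToLower(strings.TrimSpace(v)); v != "" {
				seen[v] = true
			}
		}
	}
	known := seen["deny"] || seen["sameorigin"] || seen["allowall"]
	switch {
	case len(seen) > 1 && known:
		return "deny (conflicting X-Frame-Options)"
	case len(seen) == 1 && seen["deny"]:
		return "deny"
	case len(seen) == 1 && seen["sameorigin"]:
		return "sameorigin"
	}
	return "unrestricted"
}

func main() {
	// Constructed response headers: two layers each set X-Frame-Options.
	h := http.Header{}
	h.Add("X-Frame-Options", "SAMEORIGIN")
	h.Add("X-Frame-Options", "DENY")
	fmt.Println(framingPolicy(h))
	h.Set("Content-Security-Policy", "frame-ancestors 'self'") // header from the last post
	fmt.Println(framingPolicy(h))
}
```

Running the same function over the headers of a real response (for example from `http.Get`) shows which layer's policy the browser will actually apply before changing `http_allow_embedding`.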
