OwlCyberSecurity - MANAGER

Edit File: .htaccess

<IfModule mod_headers.c> # Allow only ONE origin (no duplication!) Header always set Access-Control-Allow-Origin "http://testone.onebox.pk" Header always set Access-Control-Allow-Credentials "true" Header always set Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE" Header always set Access-Control-Allow-Headers "Content-Type, Authorization" # Allow iframe embedding from the frontend domain Header always unset X-Frame-Options Header always set Content-Security-Policy "frame-ancestors 'self' http://testone.onebox.pk" </IfModule>