[jitsi-dev] X-Frame-Options: DENY from meet.jit.si


#1

Hi,

Some time over the last couple of days, meet.jit.si has begun responding
to requests with the header "x-frame-options: DENY", preventing
embedding meet.jit.si in iframes. Consequently, the external API
(https://github.com/jitsi/jitsi-meet/blob/8745efb81f7aa4fb1790610a47b083722a871645/modules/API/external/external_api.js
) can't be used to launch a Jitsi meet conference served by meet.jit.si.

Was this an intentional policy change? Going forward, do you require
people using the external API or embedding jitsi meet conferences in
other websites to run their own servers to do so?

best,
Charlie