Breaking change: X-Frame-Options set to DENY

Hi there,

It looks like Netlify changed its default headers. In particular, setting X-Frame-Options; DENY. This is a breaking change! My app relies on an iframe that users can add to their websites. Setting X-Frame-Options; DENY prevents the app from loading. Unfortunately, there is no way to unset X-Frame-Options;, i.e. X-Frame-Options; ALLOWALL isn’t a valid value. Please advise!


I figured it out. It turns out Netlify now automatically injects the Netlify Adapter for Gatsby websites! This in turns disables the existing gatsby-plugin-netlify plugin and sets default headers including X-Frame-Options; DENY.

Here is a sample of my build log on Netlify:

10:13:56 AM: warning Disabling plugin gatsby-plugin-netlify:
10:13:56 AM:  - Not compatible with the gatsby-adapter-netlify adapter. Please remove it from your gatsby-config.

The solution is to override the headers option inside gatsby-config.

It would have been nice to get a heads-up before making that change!