services.grafana.settings.security.allow_embedding
NixOS option
When false, the HTTP header X-Frame-Options: deny will be set in Grafana HTTP responses which will instruct browsers to not allow rendering Grafana in a <frame>, <iframe>, <embed> or <object>. The main goal is to mitigate the risk of Clickjacking.
type: booleanDefault
declared in: nixos/modules/services/monitoring/grafana.nixView source on NixOS/nixpkgs →false