Invalid 'X-Frame-Options' header encountered when loading 'https://domain.com:4567/': 'ALLOW-FROM https://domain.com/' is not a recognized directive. The header will be ignored.
While loafing into iframe, getting this error. It may be an issue if it stops working completely as this header directive is already obsolete.
According MDN documents, ALLOW-FROM uri is no more a part of X-Frame-Options header.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
Also, In latest version of NodeBB, it is getting used and throwing error. We tried multiple patches/subversions of version 12 and 13. But no luck.
Please share if we have any solution or workaround for the same.