218c35ea7b
DISALLOW_IFRAME_EMBED can be used to prevent Horizon from being embedded within an iframe. Legacy browsers are still vulnerable to a Cross-Frame Scripting (XFS) vulnerability, so this option allows extra security hardening where iframes are not used in deployment Change-Id: I5c540e552efe738bdec8598f9257fa22ae651a76 Related-Bug: #1641882