From a58780eaaba214ff07422413a888908c984fa48a Mon Sep 17 00:00:00 2001
From: Ben Dickinson <ben.dickinson@torchbox.com>
Date: Mon, 24 Jan 2022 16:58:26 +0000
Subject: [PATCH 1/2] Document setting X-Frame-Options for template errors

---
 docs/getting-started.md | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/docs/getting-started.md b/docs/getting-started.md
index 0e62a3a4..103fb0a3 100644
--- a/docs/getting-started.md
+++ b/docs/getting-started.md
@@ -58,6 +58,15 @@ TEMPLATES = [
 ]
 ```
 
+To see the detailed error pages generated by Django when you have `DEBUG = True` in the pattern library, you'll need to make sure you have `X_FRAME_OPTIONS` set, or your browser will block the response:
+
+```python
+if DEBUG:
+    X_FRAME_OPTIONS = "SAMEORIGIN"
+```
+
+Be careful only to change this when `DEBUG = True` unless you know what you're doing, you risk making your app less secure otherwise!
+
 ### Pattern library settings
 
 Still in Django settings, set the [`PATTERN_LIBRARY`](./reference/api.md#pattern_library) setting. Here is an example showing the defaults:

From 64a288cd5f2f20cc31bb5148caa9d96d4d80cfe4 Mon Sep 17 00:00:00 2001
From: Ben Dickinson <ben.dickinson@torchbox.com>
Date: Mon, 24 Jan 2022 17:01:21 +0000
Subject: [PATCH 2/2] Update CHANGELOG

---
 CHANGELOG.md | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3233aeb3..8ef69776 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,16 +6,17 @@
 
 - Support for Django 4.0 ([#164](https://github.com/torchbox/django-pattern-library/pull/164)).
 - Support for Python 3.10 ([#163](https://github.com/torchbox/django-pattern-library/pull/163)).
-- VS Code devcontainer for development [#178](https://github.com/torchbox/django-pattern-library/pull/178)
+- VS Code devcontainer for development ([#178](https://github.com/torchbox/django-pattern-library/pull/178)).
+- Documented the need to set `X_FRAME_OPTIONS = "SAMEORIGIN"` to see Django debug responses in the iframe UI ([#186](https://github.com/torchbox/django-pattern-library/pull/186)).
 
 ### Changed
 
-- Change Poetry version to be `>=1.1.12,<2` in Docker development setup (prevents `JSONDecodeError` issue under Python 3.10) [#178](https://github.com/torchbox/django-pattern-library/pull/178)
-- Move demo/test app pattern-library from `/pattern-library/` to `/` [#178](https://github.com/torchbox/django-pattern-library/pull/178)
+- Change Poetry version to be `>=1.1.12,<2` in Docker development setup (prevents `JSONDecodeError` issue under Python 3.10) ([#178](https://github.com/torchbox/django-pattern-library/pull/178)).
+- Move demo/test app pattern-library from `/pattern-library/` to `/` ([#178](https://github.com/torchbox/django-pattern-library/pull/178)).
 
 ### Removed
 
-- We no longer support Python 3.6, as it has reached its end of life ([#163](https://github.com/torchbox/django-pattern-library/pull/163).
+- We no longer support Python 3.6, as it has reached its end of life ([#163](https://github.com/torchbox/django-pattern-library/pull/163)).
 
 ## [0.6.0](https://github.com/torchbox/django-pattern-library/releases/tag/v0.6.0) - 2021-12-21