I-Frame 'X-Frame-Options' to 'sameorigin' Issue!

Sumeet Verma
Mega Expert

‎10-30-2018 01:40 AM

Hi,

one of my team is trying to open our Service now Instance through the I-Frames and getting below error. can someone please suggest steps to fix this issue. thanks...

 

find_real_file.png

i got a suggestion as below to tweak the Web security file but i dont find it in the navigator search.

where and how do i do it. thanks...

find_real_file.png

Preview file
11 KB
Preview file
9 KB
0 Helpfuls
  • 2,804 Views
2 REPLIES 2

danb2015
Kilo Contributor

‎08-13-2019 11:25 AM

Sumeet,

Did you ever find a solution to this?

0 Helpfuls

kevinkatler
Kilo Contributor

‎10-23-2022 10:11 PM

You cannot display a lot of websites inside an iFrame. Reason being that they send an "X-Frame-Options: SAMEORIGIN" response header. This option prevents the browser from displaying iFrames that are not hosted on the same domain as the parent page.

 

I faced the same error when displaying YouTube links. For example: https://www.youtube.com/watch?v=8WkuChVeL0s

 

I replaced watch?v= with embed/ so the valid link will be: https://www.youtube.com/embed/8WkuChVeL0s

It works well.

 

Try to apply the same rule on your case.

 

SAMEORIGIN

The page can only be displayed in a frame on the same origin as the page itself. The spec leaves it up to browser vendors to decide whether this option applies to the top level, the parent, or the whole chain, although it is argued that the option is not very useful unless all ancestors are also in the same origin.

 

0 Helpfuls