I-Frame 'X-Frame-Options' to 'sameorigin' Issue!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-30-2018 01:40 AM
Hi,
one of my team is trying to open our Service now Instance through the I-Frames and getting below error. can someone please suggest steps to fix this issue. thanks...
i got a suggestion as below to tweak the Web security file but i dont find it in the navigator search.
where and how do i do it. thanks...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-13-2019 11:25 AM
Sumeet,
Did you ever find a solution to this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-23-2022 10:11 PM
You cannot display a lot of websites inside an iFrame. Reason being that they send an "X-Frame-Options: SAMEORIGIN" response header. This option prevents the browser from displaying iFrames that are not hosted on the same domain as the parent page.
I faced the same error when displaying YouTube links. For example: https://www.youtube.com/watch?v=8WkuChVeL0s
I replaced watch?v= with embed/ so the valid link will be: https://www.youtube.com/embed/8WkuChVeL0s
It works well.
Try to apply the same rule on your case.
SAMEORIGIN
The page can only be displayed in a frame on the same origin as the page itself. The spec leaves it up to browser vendors to decide whether this option applies to the top level, the parent, or the whole chain, although it is argued that the option is not very useful unless all ancestors are also in the same origin.