Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Wannan tattunawa ta zama daɗaɗɗiya. Yi sabuwar tambaya idan ka na bukatar taimako.

Getting security warning even when X-Frame-Options: SAMEORIGIN added to subpage loaded in iframe

  • 2 amsoshi
  • 0 sa na da wannan matsala
  • 6 views
  • Amsa ta ƙarshe daga cor-el

more options

In our application we are opening a sub page in an iframe within the main page. Both pages are form the same Domain. Although we've added X-Frame-Options: SAMEORIGIN to the page loaded in the iframe, it still gives this error. Could you please suggest on how to solve this issues, what would I be missing?

Thanks in Advance! Shibu.

In our application we are opening a sub page in an iframe within the main page. Both pages are form the same Domain. Although we've added X-Frame-Options: SAMEORIGIN to the page loaded in the iframe, it still gives this error. Could you please suggest on how to solve this issues, what would I be missing? Thanks in Advance! Shibu.

All Replies (2)

more options

Hi Shibu, does your server send any Content-Security-Policy headers? This overrrides X-Frame-Options if both are sent:

https://developer.mozilla.org/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors

Otherwise, perhaps there is a more subtle mismatch in the protocol, host name, or port.

more options