Getting security warning even when X-Frame-Options: SAMEORIGIN added to subpage loaded in iframe

2 การตอบกลับ
0 คนมีปัญหานี้
7 ครั้งที่ดู
ตอบกลับล่าสุดโดย cor-el

2 ปีก่อน

1/2/23 03:53

In our application we are opening a sub page in an iframe within the main page. Both pages are form the same Domain. Although we've added X-Frame-Options: SAMEORIGIN to the page loaded in the iframe, it still gives this error. Could you please suggest on how to solve this issues, what would I be missing?

Thanks in Advance! Shibu.

In our application we are opening a sub page in an iframe within the main page. Both pages are form the same Domain. Although we've added X-Frame-Options: SAMEORIGIN to the page loaded in the iframe, it still gives this error. Could you please suggest on how to solve this issues, what would I be missing? Thanks in Advance! Shibu.

Answer 1 · 2023-02-01 03:53:37

jscher2000 - Support Volunteer

Top 10 Contributor

1/2/23 07:18

Hi Shibu, does your server send any Content-Security-Policy headers? This overrrides X-Frame-Options if both are sent:

https://developer.mozilla.org/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors

Otherwise, perhaps there is a more subtle mismatch in the protocol, host name, or port.

Answer 2 · 2023-02-01 03:53:37

cor-el

Top 25 Contributor
Moderator

1/2/23 07:35

You can also check this in the Network Monitor.

ค้นหาฝ่ายสนับสนุน

Getting security warning even when X-Frame-Options: SAMEORIGIN added to subpage loaded in iframe

การตอบกลับทั้งหมด (2)

Explore by product

Explore by topic

เรียกดูตามผลิตภัณฑ์

Browse all forum threads by topic

Get help with

ค้นหาฝ่ายสนับสนุน

Getting security warning even when X-Frame-Options: SAMEORIGIN added to subpage loaded in iframe

การตอบกลับทั้งหมด (2)