X-Frame-Options in Magento 2.3.5-p1
Magento Asked on December 30, 2021
I’ve set X-Frame-Options
'x-frame-options' => '*',
in env as mentioned in the doc
Magento Docs
But still I’m getting this error
Refused to display ‘https://mythridpartyurlhere.com/’ in a frame because it set ‘X-Frame-Options’ to ‘sameorigin’.
One Answer
Just because you allow iframes to load from any URL it does not mean the third party resource allows you to.
If you read the error carefully it mentions the third party URL itself has sameorigin set and not your Magento installation.
Refused to display 'https://mythridpartyurlhere.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
There is nothing you can do about this, the third party does not allow you to load this resource in an iframe on your website.
To confirm this check the response headers on the resource:
Answered by Ben Crook on December 30, 2021
Add your own answers!
Ask a Question
Get help from others!
Recent Questions
- How can I transform graph image into a tikzpicture LaTeX code?
- How Do I Get The Ifruit App Off Of Gta 5 / Grand Theft Auto 5
- Iv’e designed a space elevator using a series of lasers. do you know anybody i could submit the designs too that could manufacture the concept and put it to use
- Need help finding a book. Female OP protagonist, magic
- Why is the WWF pending games (“Your turn”) area replaced w/ a column of “Bonus & Reward”gift boxes?
Recent Answers
- haakon.io on Why fry rice before boiling?
- Peter Machado on Why fry rice before boiling?
- Lex on Does Google Analytics track 404 page responses as valid page views?
- Joshua Engel on Why fry rice before boiling?
- Jon Church on Why fry rice before boiling?