Refused to display 'https://example.tld/' in a frame because it set 'X-Frame-Options' to 'deny'
Question
I'm making a browser extension. I have created a popup window that is opened after the user click on a button. I have a form input and an iframe, I want that when the user enter an url it will be able to display it inside the iframe but I'm facing this issue
Refused to display 'https://discord.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
A lot of websites will not load into the iframe and I'm not able to find a way to manage this.
What I want to achive is to have an indipendent webView that will be act like the browser and will load an url when it's inserted by the user. The iframe is the most flexible solution I think, but if anyone have any suggestion on how to implement this I will appreciate.
1 answers
solution1
1 ACCPTED 2020-10-06 03:32:37
Take a look at the X-Frame-Options header: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
The response header you are getting back from https://discord.com/ does not allow the browser to render it inside an <iframe> element. This is for security reasons and you likely won't be able to find a workaround (otherwise it would be a security loophole).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.