Home >Web Front-end >JS Tutorial >How to Resolve \'Refused to display…X-Frame-Options: SAMEORIGIN\' Errors in Iframes?
How to Resolve \'Refused to display…X-Frame-Options: SAMEORIGIN\' Errors in Iframes?
- Barbara StreisandOriginal
- 2024-11-27 13:32:10550browse
How to Override 'X-Frame-Options' for Iframes
Problem:
When creating an iframe with JavaScript, the following error occurs:
Refused to display 'https://www.google.com.ua/?gws_rd=ssl' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.
Solution:
You cannot set X-Frame-Options on the iframe directly. This is a response header set by the domain serving the resource (in this case, google.com.ua). In this example, the header is set to SAMEORIGIN, which prohibits loading the resource in an iframe from a different domain.
Explanation:
The X-Frame-Options response header is used to control where a resource can be displayed in an iframe. By setting the value to SAMEORIGIN, the domain owner prevents third-party websites from embedding the resource in their iframes.
Example:
To verify this, you can inspect the HTTP headers of the requested URL (using Chrome developer tools, for instance). The X-Frame-Options header value will be returned by the host in the response.
The above is the detailed content of How to Resolve \'Refused to display…X-Frame-Options: SAMEORIGIN\' Errors in Iframes?. For more information, please follow other related articles on the PHP Chinese website!
Related articles
See more- An in-depth analysis of the Bootstrap list group component
- Detailed explanation of JavaScript function currying
- Complete example of JS password generation and strength detection (with demo source code download)
- Angularjs integrates WeChat UI (weui)
- How to quickly switch between Traditional Chinese and Simplified Chinese with JavaScript and the trick for websites to support switching between Simplified and Traditional Chinese_javascript skills