This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

How to handle X-frame-Options response header?

Posted on 11-28-2016 12:36 AM
Not applicable
Reply posted on --/--/---- --:-- AM

I want to open DeveloperPortal from External resource or Html using Iframe tag.

When we try to open a developer portal in this way, the browser is giving me an error, as in dev-issue image, attached here.

The browser shows as X-Frame-options set as "Same origin" and hence the browser will not display it in an iframe, cross origin.

dev-issue.pngdev-issue1.png

Solved Solved
1 8 3,517
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
DChiesa
Staff
Reply posted on --/--/---- --:-- AM

By default, Drupal v7 emits the X-Frame-Options header to prevent clickjacking.

You can change this behavior. For information on how, see here, and look for "How to override the default behavior."

Maybe you wish to use ALLOW-FROM with the url of the site that will embed the drupal site in the iframe.

Just curious: why force the portal to show up in an iframe?

View solution in original post

Jump to Solution
0 Likes
8 REPLIES 8