Refused to display 'http://extremedev.example.com' in a frame because it is set 'X-Frame-Options' to 'SAMEORIGIN'
This is an error that can appear when you want to display a site through an iframe of another site. It will not allow for the site within the iframe to be displayed.
So what to do in this case?
There are several articles on the internet that are suggesting that you need to add some headers that will allow the display of the site through the iframe from different domains. For example: https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options
Well but not in all cases.
I also had this problem and the we tried everything but nothing helped. Then we found out that we are using @Html.AntiForgeryToken() in our code.
Well with ASP.NET MVC 4 there is no problem with that but in the newer version: ASP.NET MVC 5.
ASP.NET MVC 5 in combination with @Html.AntiForgeryToken() your Razor will automatically add the X-Frame-Options HTTP Header with the SAMEORIGIN value.
They are doing that specially so no one will be able to put your site as an iframe.
THE FIX FOR THIS all you need is to add the following code in the Global.asax.cs Application_Start() method the following code:
Code:
5 comments:
Good article.
helpful,thank you
Hey keep posting such good and meaningful articles.
Very great post. I simply stumbled upon your blog and wanted to say that I have really enjoyed browsing your weblog posts. After all I’ll be subscribing on your feed and I am hoping you write again very soon!
Very great post. I simply stumbled upon your blog and wanted to say that I have really enjoyed browsing your weblog posts. After all I’ll be subscribing on your feed and I am hoping you write again very soon!
Post a Comment
your thoughts are welcome: