Windows 10 reached EOS (end of support) on October 14, 2025. For more information, see this article.

Avatar for Username

Pesquisar no site de suporte

Evite golpes de suporte. Nunca pedimos que você ligue ou envie uma mensagem de texto para um número de telefone, ou compartilhe informações pessoais. Denuncie atividades suspeitas usando a opção “Denunciar abuso”.

Saiba mais

Esta discussão foi arquivada. Faça uma nova pergunta se precisa de ajuda.

Getting security warning even when X-Frame-Options: SAMEORIGIN added to subpage loaded in iframe

  • 2 respostas
  • 0 tem este problema
  • 20 visualizações
  • Última resposta de cor-el

shibu.osc
shibu.osc
more options

In our application we are opening a sub page in an iframe within the main page. Both pages are form the same Domain. Although we've added X-Frame-Options: SAMEORIGIN to the page loaded in the iframe, it still gives this error. Could you please suggest on how to solve this issues, what would I be missing?

Thanks in Advance! Shibu.

In our application we are opening a sub page in an iframe within the main page. Both pages are form the same Domain. Although we've added X-Frame-Options: SAMEORIGIN to the page loaded in the iframe, it still gives this error. Could you please suggest on how to solve this issues, what would I be missing? Thanks in Advance! Shibu.

Todas as respostas (2)

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

Hi Shibu, does your server send any Content-Security-Policy headers? This overrrides X-Frame-Options if both are sent:

https://developer.mozilla.org/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors

Otherwise, perhaps there is a more subtle mismatch in the protocol, host name, or port.

cor-el
cor-el
  • Moderator
more options

You can also check this in the Network Monitor.