Windows 10 reached EOS (end of support) on October 14, 2025. If you are on Windows 10, see this article.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More
This thread was closed and archived. Please ask a new question if you need help.
Locked Archived

Getting security warning even when X-Frame-Options: SAMEORIGIN added to subpage loaded in iframe

Firefox Faragha na usalama
cor-el replied
SuMo Bot
SuMo Bot

In our application we are opening a sub page in an iframe within the main page. Both pages are form the same Domain. Although we've added X-Frame-Options: SAMEORIGIN to the page loaded in the iframe, it still gives this error. Could you please suggest on how to solve this issues, what would I be missing?

Thanks in Advance! Shibu.

In our application we are opening a sub page in an iframe within the main page. Both pages are form the same Domain. Although we've added X-Frame-Options: SAMEORIGIN to the page loaded in the iframe, it still gives this error. Could you please suggest on how to solve this issues, what would I be missing? Thanks in Advance! Shibu.

All Replies (2)

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer

Hi Shibu, does your server send any Content-Security-Policy headers? This overrrides X-Frame-Options if both are sent:

https://developer.mozilla.org/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors

Otherwise, perhaps there is a more subtle mismatch in the protocol, host name, or port.

cor-el
cor-el
  • Top 25 Contributor
  • Moderator

You can also check this in the Network Monitor.

SuMo Bot
SuMo Bot Mwenye swali

This question has been locked because the original author has deleted their account. While you can no longer post new replies, the existing content remains available for reference.