Project

General

Profile

Bug #4997

Link tool - 'show in frame' not working with same origin policy

Added by Anonymous over 7 years ago. Updated about 7 years ago.

Status:
Needs more info
Priority:
Normal
Assignee:
-
Start date:
18/06/2012
Due date:
% Done:

0%

Estimated time:
Complexity:
Normal

Description

When trying to display a link in an iframe, it doesn't work if the webpage has added the following HTTP header: X-Frame-Options: SAMEORIGIN (e.g. google.com). If this is the case you get an empty iframe which could be perceived as a bug by the user. Perhaps this could be checked in some way and a warning could then be displayed?
Info: developer.mozilla.org

History

#1

Updated by Stefaan Vanbillemont about 7 years ago

  • Target version set to Backlog (default)
#2

Updated by Sven Vanpoucke about 7 years ago

  • Status changed from New to Needs more info
  • Assignee set to Anonymous

This is a html issue. We can not detect this without making an internal request to the webpage (= lots of overhead). The link you gave indicates that firefox will add an error message for this in the future. (When an attempt is made to load content into a frame, and permission is denied by the X-Frame-Options header, Firefox currently renders about:blank into the frame. At some point, an error message of some kind will be displayed in the frame instead.)

Also available in: Atom PDF