Link tool - 'show in frame' not working with same origin policy
When trying to display a link in an iframe, it doesn't work if the webpage has added the following HTTP header:
X-Frame-Options: SAMEORIGIN (e.g. google.com). If this is the case you get an empty iframe which could be perceived as a bug by the user. Perhaps this could be checked in some way and a warning could then be displayed?
Updated by Sven Vanpoucke about 7 years ago
- Status changed from New to Needs more info
- Assignee set to Anonymous
This is a html issue. We can not detect this without making an internal request to the webpage (= lots of overhead). The link you gave indicates that firefox will add an error message for this in the future. (When an attempt is made to load content into a frame, and permission is denied by the X-Frame-Options header, Firefox currently renders about:blank into the frame. At some point, an error message of some kind will be displayed in the frame instead.)