Softminer.Net: IFrame embeding browser permissions

IFrame embeding browser permissions

Posted on 5:21 AM by Softminer and filed under ASP.NET

by default asp.net is setting x-frame-options: SAMEORIGIN which doesnt allow anywebsite to embed your IFRAME to disable that you need to

System.Web.Helpers.AntiForgeryConfig.SuppressXFrameOptionsHeader = true;

But the make sure to have this value to same origin in web.config

<add name="X-Frame-Options" value="SAMEORIGIN" />

The X-Frame-Options header may contain one of three tokens:

DENY

SAMEORIGIN

ALLOW-FROM origin

read more: https://bit.ly/2pGxI1n

you can allow a website by

X-Frame-Options: ALLOW-FROM https://yourwebsite.com

but new browser are also taking look at this value on header:

Content-Security-Policy: frame-ancestors 'self' https://yourwebsite.com

more about it

https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP

https://www.keycdn.com/blog/http-security-headers/

https://content-security-policy.com/

Response to ... IFrame embeding browser permissions

lucknowhotescorts.com said... January 8, 2021 at 11:21 PM: I would like to say that you are an amazing blogger...You can inspired me to write blogs for
Escort service in Jaipur
Escort service in Jaipur
Escort service in Jaipur
Delhi escort service
Escort service in Guwahati
Escort service in Guwahati
Escort service in Guwahati
Escort service in Guwahati
Escort service in lucknow
Escort service in Aerocity

Softminer.net

News About IT

IFrame embeding browser permissions

Contact

Popular Posts

Labels

Links

Blog Archive