Hi,
Tried making an iframe integration following the steps specified in
https://academy.bpmonline.com/documents/technic-sdk/7-13/integration-third-party-sites-iframe
Getting the following error, when tried to connect to 'bpmonline.com'
Refused to display 'https://www.bpmonline.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
Pls clarify.
Regards,
Anitha Premkumar
Like
That error is due to the fact that the website you're embedding (in this case www.bpmonline.com) has a HTTP header for X-Frame-Options, which is a header used to indicate if a browser should be allowed to embed a webpage. Apparently, bpmonline.com has this header present and set to "sameorigin" which means it only allows embedding in a frame on it's own website.
Many websites have this header, preventing it from being loaded in a frame, however, if you use a different website (that doesn't have it) it should allow things to work.
Dear Anitha,
As Ryan already mentioned, the following error indicates that the website does not allow embedding itself in iframe on the third-party websites.
You can read the article below for more information:
https://stackoverflow.com/questions/27358966/how-to-set-x-frame-options-on-iframe
This is a security feature for avoiding everyone freely accessing any resources of that domain (which can be accessed for example to have an exact same copy of your website on a pirate domain). It is set on web page server side.
Regards,
Anastasia