I have an ASP.NET Core MVC website that is the src of an IFRAME inside a portal. Both the portal an the .NETCore application have the same domain (eg. site.portal.domain / portal.domain).
When I enter the portal, I get a message in the browsers:
mysite.portal.domain refused to connect
(on Chrome), the other browser give different errors, like IE 11 gives:
This content cannot be displayed in a frame
On Chrome debug I found the message:
Refused to display 'https://site.portal.domain' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
Any hints on how to solve that?
In order to run ASP.NET Core Apps on the . NET Framework it needs to only reference . Core NuGet packages which contains only the . NET Standard 2.0 builds.
NET core, it is a daunting task. Both of them pave successful paths for apps. We hope you are aware of the fact that both of them are used in making a robust backend development.
An iframe is used to display a web page within a web page. Iframe is often used to also load third-party scripts in a page or other scripts.
X-FRAME-OPTIONS
is used to protect against clickjacking attempts. If you own the application and want it be framed , you can skip the restrict :
services.AddAntiforgery(o => o.SuppressXFrameOptionsHeader = true);
By default, the X-Frame-Options header is generated with the value SAMEORIGIN. If this setting is 'true', the X-Frame-Options header will not be generated for the response.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With