authentication - How to authenticate inside an iframe when it is blocked by X-Frame-Options

Question

Welcome To Ask or Share your Answers For Others

authentication - How to authenticate inside an iframe when it is blocked by X-Frame-Options

asked Jan 27, 2021 in Technique[技术] by 深蓝 (71.8m points)

authentication - How to authenticate inside an iframe when it is blocked by X-Frame-Options

I am working with an application where another application is embedded inside an iframe.

The embedded application uses a google service which requires authentication.

Of course Google is not happy about this

Refused to display 'https://accounts.google.com/signin/oauth/error?authError=[...characters...].apps.googleusercontent.com' in a frame because it set 'X-Frame-Options' to 'deny'

Is there any alternative for authenticating and connecting to this service within the iframe?

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Answer

深蓝 · Answer 1 · 2021-01-27T04:45:59+0000

If X-Frame-Options is set to DENY then supporting browsers will refuse to display the site in an iframe regardless of site settings or domain.

This behavior is intended to prevent clickjacking attacks.

If you have control over the browser your users are utilizing, you can select a browser that does not support X-Frame-Options.

Categories

authentication - How to authenticate inside an iframe when it is blocked by X-Frame-Options

authentication - How to authenticate inside an iframe when it is blocked by X-Frame-Options

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags