X iframe headers

Rules96 · November 24, 2016, 5:44pm

Turned out that this hosting sends:
X-Content-Type-Options:nosniff
X-Frame-Options:SAMEORIGIN
X-Xss-Protection:1; mode=block
repose headers, or it’s not your server but a zyro site-builder?
Is there a way to overcome it? If no your hosting is useless for me((

Rules96 · November 24, 2016, 6:23pm

Also PHP doesn’t seem to work anymore

Infinity · November 24, 2016, 6:27pm

Script are you using?

andrius · November 24, 2016, 7:13pm

what are you trying to build?

Rules96 · November 24, 2016, 7:28pm

I’m trying to make a “application for groups” in VK social network. And it required iframe to work. But vk blocked this site as a phishing one. But I made support guys let me add this site in iframe. But now… it doesn’t work because of those headers. Plus I suddenly realized that opening a php file in browser results in php source code as plain text in browser. same thing with ajax requests to php. But it used to work earlier…

andrius · November 24, 2016, 7:34pm

can you give me an example regarding this?

Rules96 · November 25, 2016, 5:27pm

I fixed it with php (turned out \r\n problem)… Anyway is there a way to change these headers:
X-Content-Type-Options:nosniff
X-Frame-Options:SAMEORIGIN
X-Xss-Protection:1; mode=block

Skirmis · January 19, 2017, 8:48am

Removed X-Frame-Options ALLOWALL from server headers. Please try.

Rules96 · January 19, 2017, 8:30pm

Hmm. It’s not important anymore (I’ve given up that project then)… Thanks though! - I’ll try when I have time,

Rules96 · January 19, 2017, 8:40pm

I’ve tested it anyway (was too curious)) ). Thanks a lot it works!! Did you do this for my site personally or for “hosting as a whole”? I believe this might compromise security of your service… And am not sure wether it is worth it giving such GREAT OPPORTUNITIES on a FREE hosting!!)) Thanks though

Join the Conversation

A community of people sharing their web development knowledge.

X iframe headers