Disable x-frame-options in MVC3 or IIS 7.5

asp.net iis iframe web-config x-frame-options
aadi1295 picture aadi1295 · Apr 15, 2014 · Viewed 12.6k times · Source

I want to disable x-frame-options in my website, I want that no other website can show my webpages in their web pages using iframes. My website is made in ASP.net MVC3 and hosted in IIS 7.5.

Answer

Steven V picture Steven V · Apr 15, 2014

There are a bunch of ways to go about this. But one of the easiest is adding <customHeaders> section to the web.config and it will append that header to each request.

<configuration>
   <system.webServer>
      <httpProtocol>
         <customHeaders>
            <add name="X-Frame-Options" value="DENY" />
         </customHeaders>
      </httpProtocol>
   </system.webServer>
</configuration>

Related questions

HTTP Error 503, the service is unavailable

I'm really new to setting up web servers in general. I've got IIS 8 on Windows 8, and I'm trying to set up a little site locally, while doing some development. In IIS I choose Add Site, give a name, points to …

Read More
How do I resolve "HTTP Error 500.19 - Internal Server Error" on IIS7.0

What causes this error, how can I fix it? Detailed Error Information Module IIS Web Core Notification BeginRequest Handler Not yet determined Error Code 0x8007052e Config Error Can not log on locally to C:\inetpub\wwwroot as user administrator …

Read More
Maximum request length exceeded.

I am getting the error Maximum request length exceeded when I am trying to upload a video in my site. How do I fix this?

Read More