Possible Duplicate:
Overcoming “Display forbidden by X-Frame-Options”
I have this HTML code on a server (Heroku). From the iframe of www.example.com I click on the "login to google" button, but I get this error message:
Refused to display document because display forbidden by X-Frame-Options
I tried adding the <meta http-equiv="X-Frame-Options" content="GOFORIT">
on the header of www.example.com but still doesn't work. Any ideas? Thanks
<html>
<head>
<title>Test</title>
</head>
<body>
<iframe src="http://www.example.com" width=1000 height=1000></iframe>
</body>
</html>
You have to use real HTTP response headers. <meta http-equiv>
isn't really equivalent.
How you set those depends on your server and/or server side programming language.
e.g. for Apache, with mod_headers:
Header set X-Frame-Options GOFORIT
… will do the job.