1

i have javascript game on my facebook tab.

When user is done with the game, it has option to submit his name and so on - it's done by clicking on a link that leads to same domain, even same folder where my app is located, it's just different file with form.

But I'm getting Refused to display document because display forbidden by X-Frame-Options in every browser except google chrome.

What m'i doing wrong ?

Tomek
  • 100
  • 2
  • 8
  • What X-Frame-Options are you setting on the URL which accepts the form input and/or the page the user is redirected to afterwards? – Igy Oct 28 '14 at 23:55
  • I'm totally clueless about what i'm supposed to do. At the moment i just have link that leads to form file. url doesn't contain any domains. it's just a href="form.php"; i have php header( 'X-Frame-Options: SAMEORIGIN' ); in both files. is there something i can do about it with javascript/php/htaccess ? – Tomek Oct 29 '14 at 00:02
  • 1
    my bad :( 'X-Frame-Options: ALLOWALL' solved my problem – Tomek Oct 29 '14 at 01:15

1 Answers1

1

Adding: 

Header always unset X-Frame-Options

to my the top of my .htaccess file helped me fix this issue on a shared hosting site where a Facebook Page Tab APP was located.

ugo
  • 2,705
  • 2
  • 30
  • 34
Jacob Thompson
  • 11
  • 1