2

I'm simply trying to display an external page inside an Iframe in a page in Sharepoint 2013 Online, I read many many possible solutions but no good at all.. the last thing I've tried is to add in my Seattle.Master

<WebPartPages:AllowFraming runat="server"/>

But I still got nothing.. it keep on saying that external content are not allowed... furthermore in the Sharpoint administration page I tried to add the site i need to visualize inside HTML field security but still no good...I'm out of option, does anyone has other ideas? Thanks in advance

Edit: I'm tring to visualize outlook.office365.com/owa

FabioEnne
  • 732
  • 1
  • 14
  • 43

1 Answers1

1

No.

It is up to page itself if it can or can't be displayed in IFrame. There is nothing you can do on your page to change such behavior.

The behavior is controlled by X-Frame-Options header send by page's site - details can be found on MDN and corresponding RFC 7034.

I.e. most authentication sites/pages and mail/other personal site prevent such "show this in IFrame".

Note that some sites allow such behavior via additional query parameters/configuration - like Google maps or YouTube. See Overcoming "Display forbidden by X-Frame-Options" for discussion.

Community
  • 1
  • 1
Alexei Levenkov
  • 98,904
  • 14
  • 127
  • 179
  • 1
    So are you saying that it is properly outlook.office365.com that doesn't allow itself to be displayed in an Iframe? Is there any kind of workaround? thanks for your answer by the way. – FabioEnne Apr 23 '15 at 15:46
  • 2
    @FabioEnne yes, it is property of outlook.office365.com (or whatever other page/site you'd try to show). I don't know if there is a way to override this behavior for that site, but I'd have very low expectation on achieving it for such type of sites directly. There is likely some other way to show that information - new separate more specific question would likely get attention of people who may know the answer. – Alexei Levenkov Apr 23 '15 at 15:53
  • Do you rekon something like this could work? ` ` – FabioEnne Apr 24 '15 at 12:28
  • @FabioEnne I'm not sure what that script tries to do, but I seriously doubt you can get cross-domain request to outlook.office365.com to succeed at all (you'd need CORS headers for your domain to be enabled on outlook.office365.com , which I doubt). – Alexei Levenkov Apr 24 '15 at 14:47