0

I'm using an iframe to load a third-party web site (not YouTube or LinkedIn), for example Zomato. It's not working in Chrome. It says this in the console:

Refused to display 'https://www.zomato.com/' in a frame because an ancestor violates the 
following Content Security Policy directive: "frame-ancestors 'self'".

But the same thing works in the Safari browser.

yugi
    This is because Zomato is protected with an SSL certificate, and Chrome won't allow you to show HTTPS content in an HTTP environment. Check http://stackoverflow.com/questions/3144986/http-https-iframe for more information – Steyn Aug 20 '15 at 14:58

2 Answers

2

Apparently, Zomato has a Content Security Policy which prevents it from being loaded in an iframe on other domains.

"frame-ancestors 'self'" means the domain of the parent of Zomato can only be the same as https://www.zomato.com/.

It works in Safari because Safari doesn't support this CSP setting yet.

gzc
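How a browser that enforces `frame-ancestors` decides whether an embedding page is allowed, as an added example (not code from the answer or from any browser). The hostnames `myapp.example` and `partner.example` are constructed, and the matching is simplified to a single ancestor.

```javascript
// Added example: simplified frame-ancestors matching, not a full CSP implementation.
// It checks one embedding page; browsers check every ancestor in the frame chain.
const DEFAULT_PORTS = { 'http:': '80', 'https:': '443' };

// Return the source list of the first frame-ancestors directive, or null if absent.
function frameAncestorsSources(cspHeader) {
  for (const directive of cspHeader.split(';')) {
    const [name, ...sources] = directive.trim().split(/\s+/);
    if (name.toLowerCase() === 'frame-ancestors') return sources;
  }
  return null;
}

// Does one source expression match the embedding (ancestor) URL?
function sourceMatches(source, ancestor, self) {
  const s = source.toLowerCase();
  if (s === "'none'") return false;
  if (s === "'self'") return ancestor.origin === self.origin;
  if (s === '*') return true; // simplified: real browsers limit this to network schemes
  if (/^[a-z][a-z0-9+.-]*:$/.test(s)) return ancestor.protocol === s; // e.g. https:
  const m = s.match(/^(?:([a-z][a-z0-9+.-]*):\/\/)?(\*\.)?([^/:]+)(?::(\d+|\*))?/);
  if (!m) return false;
  const [, scheme, wildcard, host, port] = m;
  // Simplification: a scheme-less source must match the framed page's own scheme.
  const wantedScheme = scheme ? scheme + ':' : self.protocol;
  if (ancestor.protocol !== wantedScheme) return false;
  const hostOk = wildcard
    ? ancestor.hostname.endsWith('.' + host) // *.example.com: subdomains only
    : ancestor.hostname === host;
  // URL.port is '' when the URL uses the scheme's default port.
  const portOk = port === '*' || ancestor.port === (port || '') ||
    (ancestor.port === '' && DEFAULT_PORTS[ancestor.protocol] === port);
  return hostOk && portOk;
}

// True if the page at resourceUrl, served with cspHeader, may be framed by ancestorUrl.
function canBeFramedBy(cspHeader, resourceUrl, ancestorUrl) {
  const sources = frameAncestorsSources(cspHeader);
  if (sources === null) return true; // no directive: this policy does not restrict framing
  const self = new URL(resourceUrl);
  const ancestor = new URL(ancestorUrl);
  return sources.some((src) => sourceMatches(src, ancestor, self)); // empty list = 'none'
}

// The header from the question, embedded by a constructed third-party page.
console.log(canBeFramedBy("frame-ancestors 'self'",
  'https://www.zomato.com/', 'https://myapp.example/'));
```

Only the site sending the header can widen the policy, by listing the embedding origin in its own `frame-ancestors` directive.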
0
chromium-browser --disable-web-security

From the chromium source:

// Don't enforce the same-origin policy. (Used by people testing their sites.)

satish v