1

I was trying to host a web page in the chrome extension popup and was hitting error X-FRAME options set to deny or SAME ORIGIN. As an alternative approach I opened up the page in new chrome browser instance and injected the script into it so that i can send the message from the page to content script and then back to my popup page once the work is done in the new window . UI experience of this approach does not look good and hence wanted to go via Iframe route. My extension has all url permissions in manifest.xml

Can someone suggest the right approach by which we can host a web page in IFRAME in chrome extension popup and get around the deny and SAME ORIGIN. Also will this be correct with respect to security . I came across this unanswerd blog but seems to me a hack. Hence wanted to get clarity on chromium - extension forum.

Getting around X-Frame-Options DENY in a Chrome extension?

Community
  • 1
  • 1
kapil ratra
  • 11
  • 1
  • 1
    possible duplicate of [Getting around X-Frame-Options DENY in a Chrome extension?](http://stackoverflow.com/questions/15532791/getting-around-x-frame-options-deny-in-a-chrome-extension) – Shotgun Ninja Sep 21 '15 at 18:33
  • Marking as a duplicate of the linked question -- seems to me that you should sniff around with what they posted and let them know if it doesn't work instead of posting a new question. – Shotgun Ninja Sep 21 '15 at 18:34

0 Answers0