-1

I have two separate websites. I want to show a particular page from one website (Site A) as an iframe on a particular page in another website (Site B). However, I keep getting the following error:

The loading of “https://site-a.com/some-page.php” in a frame is denied by “X-Frame-Options“ directive set to “SAMEORIGIN“.

I have set the following headers on https://site-a.com/some-page.php:

header('Access-Control-Allow-Origin: https://site-b.com');
header('Access-Control-Allow-Credentials: true');

What can I do to show the page from Site A properly inside an iframe?

Thanks.

Real Noob
  • 1,369
  • 2
  • 15
  • 29
  • Take a look to https://stackoverflow.com/questions/27358966/how-to-set-x-frame-options-on-iframe – neolodor Aug 11 '21 at 06:33
  • Thanks @neolodor I had already looked at that question and it didn't provide any help. As I said, I already have control over the backend and have set some headers in PHP. :) – Real Noob Aug 11 '21 at 10:22

1 Answers1

0

Go to headers of site A and you'll see X-Frame-Options have been set to SAMEORIGIN. Since Site A is your website, you can configure this to Allowfrom. See the MDN docs regarding the same for a better idea.

vatsalgada
  • 1
  • 1
  • Welcome! Thanks for your answer, but please read [How To Answer Well](https://stackoverflow.com/help/how-to-answer) and improve its quality. (e.g. link to the mention docs and citations) – jasie Aug 12 '21 at 06:48