0

I'm using Twilio Flex to create a call center, and I have an ASP.NET MVC project hosted by an Azure App Service which I'm trying to embed into Panel 2 using the next code: flex.CRMContainer.defaultProps.uri = 'domain.com';

But I cannot display it because of this error: 'X-Frame-Options' to 'sameorigin'. How can I solve this issue?

daycg
  • 17
  • 6
  • Does this answer your question? [How to embed an entire azure web site into a WordPress site](https://stackoverflow.com/questions/67069170/how-to-embed-an-entire-azure-web-site-into-a-wordpress-site) – Ecstasy Jun 28 '22 at 09:24
  • [Embed Flex as an iframe](https://www.twilio.com/docs/flex/admin-guide/setup/secure-iframe#:~:text=You%20can%20register%20your%20domains,and%20refresh%20your%20external%20application.), [Embed Twilio Flex into a custom application](https://stackoverflow.com/questions/58082175/embed-twilio-flex-into-a-custom-application) and [X-Frame-Options](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) – Ecstasy Jun 28 '22 at 09:26

1 Answers1

0

Flex TSE here.

x-frame-options:sameorigin is a response header set by the domain - in your case, whatever is controlling http requests on your app's domain. SAMEORIGIN means that the resource is refused - it will not load in an iframe outside of the domain. For more information on X-Frame-Options, see the MDN doc on X-Frame-Options.

The fix is going to depend on your own setup. Azure has a web.config file you can edit. Add this:

         <customHeaders>
            <clear />
            <remove name="X-Frame-Options"/>
         </customHeaders>

or since you're using ASP you can add this line to your global.asax file

System.Web.Helpers.AntiForgeryConfig.SuppressXFrameOptionsHeader = true;

Chris Morrison
  • 31
  • 2