Loading

Site fails to display content within an iframe

Julkaisupäivä: Oct 13, 2022
Kuvaus

Whether or not a site displays within an iframe is dependent on the site's X-Frame-Options parameter that is passed along with the HTTP request. Based on this parameter, the site will either display, not display, or display the content with limitations. You may also get an error similar to 'http://some.custom.url/' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.


 
Ratkaisu

​Mozilla X-Frame-Options

When a site carries the "DENY' or "SAMEORIGIN" page, that either restricts the display of the site content in an iframe altogether, or it requires that the iframe that displays this URL be a member of the same domain (origin) as the site itself.

For example, if you try to display one of these sites within a Salesforce iframe and you encounter the SAMEORIGIN parameter, which means the site is not permitted to run on Salesforce, as the domain of Salesforce and the domain of the host site are different.


There is no solution to ensure that the site always displays content in an iframe, as this is enforced by browsers based on headers

If you own the site which you want to add via iframe, you can send the headers to indicate that your site might be added by others, or add salesforce.com or force.com in crossdomain.xml.
Knowledge-artikkelin numero

000385955

 
Ladataan
Salesforce Help | Article