locked
X-Frame-Options RRS feed

  • Question

  • User-1149473135 posted

    hi

    i'm configuring X-Frame options in Response header of IIS for ASP.NET Application

    The Application got blocked if it is being tried to access from other app, but the actual application (real app) also contains iframe which loads controls from code behind.

    please help me out how to load  my app iframe controls and also prevent my app from being loaded in another app

    Thursday, August 7, 2014 2:24 AM

All replies

  • User1070236303 posted

    You need to use the SAMEORIGIN setting. You can also configure this in the web.config (depending on iis version):

    <system.webServer>

            <httpProtocol>
                <customHeaders>
                    <add name="X-Frame-Options" value="SAMEORIGIN" />
                </customHeaders>
            </httpProtocol>

    </system.webServer>

    Thursday, August 7, 2014 4:14 AM
  • User-1149473135 posted

    it does n't worked  for me 

    Thursday, August 7, 2014 5:50 AM