Apps that utilized SharePoint-hosted type of web-parts may show the following error message depending on configuration of Internet Explorer browser on the user machine:
“This content cannot be displayed in a frame
To help protect the security of information you enter into this website, the publisher of this content does not allow it to be displayed in a frame…”
This is a known issue and we are working on a resolution. This issue is specific to Internet Explorer and doesn’t affect users of other browsers. As a temporary workaround please add “https://login.microsoftonline.com” to the Trusted Sites list in Internet Explorer. Also check that the list of sites below is already in the Trusted Sites list, otherwise add those sites to the Trusted Sites list as well:
Where <sitename> is the name of the user’s SharePoint online site. Making this configuration changes will prevent this error from occurring for that user.
To add a website to Internet Explorer’s trusted sites list, please follow these steps:
- Open Internet Explorer (the desktop version if you are using Windows 8)
- Press Alt + T on your keyboard to show the Tools menu
- Click Internet Options
- Click the Security tab
- Select the Trusted sites zone
- Click the Sites button
- Type https://login.microsoftonline.com or other site URL into the Add this website to the zone: field
- Click Add
- Click Close
- Click Apply
- Click OK
- Close Internet Explorer
Then open Internet Explorer and test to see if you receive the same error message when viewing the app.
- Edited by Steven - Support EngineerMicrosoft Support, Moderator Monday, December 10, 2012 5:13 PM Correcting format of post
Hi Steven -
I'm also looking for an update. We are using Office 365 and most of our users are at client sites with the Trusted Sites list locked down, so the suggested workaround doesn't work for us. It's been almost 6 months since the original post -- is Microsoft still actively working on a resolution?
I really like the new look and features of SharePoint Online, but just found out that all the web parts that worked perfectly for us in preview (also on IE!) don't work at all in production. Since I'm accessing the preview site from the same browser with the same Trusted Sites list, it must be a combination of factors. We are using ADFS for authentication -- could that be contributing to the problem?
Please let me know if there is any hope for 3rd party apps on Office 365, we were really counting on some of these features, and it's very disappointing to find that they work in every browser except Microsoft's.
Also looking for an update on this.
Can't believe IE is stopping me from presenting images hosted on the same sharepoint site. - Really?
My site will be accessed by end customers and this work -round to add all the sharepoint sites to trusted sites is just not practical.
Please advise when this will be rectified.
the Dynamics CRM Online Document Location with Sharpoint Online 2013 List Component
also does not work with IE (also in Trusted Sites!). With other web browsers like Firefox,
Chrome it works without problems!
Many customers work with Sharepoint Online 2013 as CRM Document Location. This is inadmissible!
We get this script error:
Details zum Fehler auf der Webseite
Benutzer-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Zeitstempel: Fri, 26 Jul 2013 14:39:18 UTC
Error: Access denied
- Edited by ati27 Friday, July 26, 2013 2:53 PM URI in TEXT
This is a truly unbelievable flaw in the product. I have just proven that Chrome is fine and IE is broken, despite trying all the fixes mentioned in this post. Unfortunately we need to use the Outlook Client and that uses the IE rendering engine.
Here is a Microsoft Connect CRM issue closely relating to this thread:
The Microsoft Response is interesting:
“Posted by Microsoft on 21/02/2014 at 1:45 p.m.
Thank you for your suggestion. Unfortunately this is the result of network issues between CRM and list component connected to SharePoint which is out of our control. The new SharePoint integration in CRM 2013 Spring update should no longer have this issue since it does not rely on the list component. Instead of the current client side integration, the new SharePoint integration will be a server based integration. Thank you, Tony S. and Kobi A.
”We will wait and see if the Spring Update of CRM resolves this.
In SharePoint 2010 we used to display parts of users' profiles in iframes as OrgCharts. Now this is no longer possible due to the lack of support for Cross-origin resources (CORS) in SharePoint 2013 web sites.
XMLHttpRequest cannot load https://mysite.contoso.com/OrganizationView.aspx?accountname=contoso%5CBrads&IsDlg=1. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://finweb.contoso.com' is therefore not allowed access.
Check this, the solution specified should work - http://msdn.microsoft.com/en-US/library/office/jj612823(v=office.15).aspx
I've tried to read that article that talks about the "AppHost Pattern" - doesn't make any sense to me. We need to frame-in any PDF's in any document library in our portal... how do we do that? Do I need to inject a global X-Frame-Options content=allow into our Master Page?
(We're using on-premise SharePoint).
- Edited by Peter_D503 Thursday, August 14, 2014 12:51 AM
(For on-prem, we were able to use this to solve the problem "Permissive XFrame Header" : https://ventigrate.codeplex.com/wikipage?title=Permissive%20XFrame%20Header&referringTitle=Home ... but seems your thing is cloud).