i have problem when other websites open my website in iframe

[marceil5]

when news aggregator add my website using ifram to show my news then a blank page apear no news and the rss of my site is correct but what is the problem ??when news aggregator website add my website news directly to their databse there is no problem??please help me with this??

[Jimmi08]

It's maybe related to this:
Refused to display xxx in a frame because it set 'X-Frame-Options' to 'sameorigin'.
Check your console (F12 in chrome, second tab), if this is it.
It was changed sometimes ago.
I was sure it was my issue about this, but maybe I asked only on gitter.

[marceil5]

Solved i omit SAMORGIN header

[Jimmi08]

@marceil5 could you explain what did you do? Where do you omit that header?

[marceil5]

open class2.php and search for the bellow code and add // to the code
$this->setHeader('X-Frame-Options: SAMEORIGIN'); so it become like the following
//$this->setHeader('X-Frame-Options: SAMEORIGIN');
it wil work fine

[Jimmi08]

Oh, so you changed core files. I hoped you found different way. I was looking for solution without it. Maybe this should be in preferencies. It wasn't this way before.

[Moc]

@CaMer0n Is this an intentional security/privacy measure?

[CaMer0n]

@Moc Yes, perhaps we can add a flag inside e107_config.php to disable it for people who need that option.

[Jimmi08]

This starts to be a bit annoying. You can't use heat maps without changing core file.

Why this is not part .htaccess anymore? Or set it as prefs.

[CaMer0n]

A pull-request is always welcome @Jimmi08. ;-) Not a complicated fix if you check the changes.

[Moc]

Closing, still requires documentation (tracked in Documentation project)

[CaMer0n]

@Moc I think we should add all these flags into e107_config.php when it is generated during install. Even though not enabled, it will educate as to what can be configured this way.

[Moc]

@CaMer0n I added some but there may be more to add