How to detect x-frame-options when loading a website in iframe
Loading external website in an iframe is getting blocked because of x-frame-options in response headers. I want to detect what is the value for x-frame-options and based on that value i want to show an alert to the user. How can we detect/extract x-frame-options from the response headers for the given url even if it has redirects?
Bewerkt door Naresh Gunda op
Alle antwoorden (2)
I'm not sure under what conditions you want to check this like you have a website that allows to embed such content or you want to do this locally.
There is an extension for Firefox that allows this.
- Ignore X-Frame-Options Header https://addons.mozilla.org/firefox/addon/ignore-x-frame-options-header
I want to do it programmatically as i don't want end user to go to settings and disable enhanced tracking protection or installing some extensions in order to work with embeded content. So if i'm able to detect the x-frame-options i can ask user to launch the same url in new window by providing a button(Latest Firefox is doing similarly but i want to handle it in our website so that solution will work across the browsers).
Attached firefox implementation screenshot for reference.
Bewerkt door Naresh Gunda op