iFrame Error in cms of test-environment

Thomas · February 6, 2020, 10:35am

In my test-environment , i get following error, after log into cms

Refused to display 'http://cms.luctho.de/?1&iframe' in a frame because it set multiple 'X-Frame- 
Options' headers with conflicting values ('DENY, sameorigin'). Falling back to 'deny'.

Test-Environment: local virtual Server (Ubuntu) with virtual box. I added entry to etc/hosts to point on the local server. Site works fine and I can access the Url http://cms.luctho.de/?1&iframe without any issues.

Let me know if you need more information!

machak · February 6, 2020, 10:49am

You need sameorigin i believe, so, make sure to remove whatever is setting ‘DENY’ header
(in most cases this is done by Spring Security, or similar security framework).

Thomas · February 6, 2020, 11:01am

I have no Security Framework in place ! Its just brxm out of the box. No customization yet.
I think it must be a misconfiguration of reverse proxy (apache). When I bypass apache and call via localhost:8080 I have no error

rvriel · February 12, 2020, 3:08pm

Speaking of which: since iframes are generally known to be a source of evil stemming from the 20th century, can we please get rid of them?

Topic		Replies	Views
V14 upgrade with iframe was not loading in HTTPS Experience Manager (PaaS/OnPrem)	1	437	June 1, 2022
Malformed CMS-authentication request when proxying on different CMS and HST domains Experience Manager (PaaS/OnPrem)	5	969	May 1, 2019
CMS with azure AD SSO not loading any iframes (408 timeouts) Experience Manager (PaaS/OnPrem)	3	722	May 4, 2022
Mixed Content ( version 14 ) on dashboard Experience Manager (PaaS/OnPrem)	0	356	November 30, 2021
OnPremise Deployment Experience Manager (PaaS/OnPrem)	1	470	December 5, 2020

iFrame Error in cms of test-environment

Related topics