Hi,
Currently, in CRM 4.0, we use an iframe within a custome entity to display tracking information from Canada Post. Up until recently this was working just fine, now when the iframe renders we are recieving the following error:
I have done a bit of googling to see what others had to say on the error message. Most say it is due to the website owner using the X-Frame-Options set to SAMEORGIN. This is to prevent ClickHijacking. To try and figure out if the web page url we are calling in the iframe uses this, I used IE Developer Tools and ran the Network Capture. Then I found the GET for the url and viewed it's details, on the Response headers options, there is indeed a X-frame-options set to SAMEORGIN. I tried several other pages, like google, and found they also gave me the same error when I tried to use them in the iframe and also had this same option. I did however find that when I used a wikipedia article as the url that it displayed the content fine and it did not contain the X-frame-options option in the Response headers.
As I am a bit inexperienced with webpage development, can someone please confirm that this is the issue my iframe is experiencing or if the problem is something else? If it is something else, can someone please explain what is now causing the page to fail? If it is the X-frame-option now being used by the original host page, does anyone know of a work around?
Thanks!