[Resolved] Removed X-Frame-Options But Embed Still Won't Work

noelleleigh · July 18, 2018, 11:52am

In my project animated-pixel-gradients, I use helmet to add some security-related headers to the page response. One of these was X-Frame-Options: sameorigin which I discovered today was preventing the nifty embedding on glitch.com from working.

Refused to display 'https://animated-pixel-gradients.glitch.me/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

So I edited my app’s code and removed the X-Frame-Options directive and confirmed that it’s gone by looking in the Network panel in the DevTools. But the embed frame still won’t show the project for the same reason!

This is happening on Chrome OS 67 and I’ve cleared site data and cache to no avail. It does work on my iPhone in Mobile Safari however.

Gareth · July 18, 2018, 11:56am

Do you mean the embed at https://glitch.com/~animated-pixel-gradients isn’t working or are you trying to embed it elsewhere? The embed is displaying ok for me in Chrome on Glitch.

noelleleigh · July 18, 2018, 1:18pm

Yes, that embed. It seems to work on my other browsers (and in incognito mode), but something is sticking in this Chrome instance that’s making it behave inconsistently

EDIT: Apparently clearing site data from the Application tab of DevTools doesn’t do what I think it does. I did an “Empty Cache and Hard Reload” and that seems to have addressed the issue.

Topic		Replies	Views
Why do glitch embeds now give 'unexpected error' in Chromium? Glitch Help	3	452	September 4, 2018
Embeded apps switching between app and source randomly Glitch Help embed	1	350	March 7, 2020
Shader not working after Github Export Glitch Help	8	381	September 19, 2019
Problem with sharing Glitch Help html	10	371	September 2, 2020
Video texture not loading in a-frame Coding Help a-frame , github , glitch , vr	5	1311	June 9, 2021

[Resolved] Removed X-Frame-Options But Embed Still Won't Work

Related Topics