omer d
asked on
django - add iframe element containing source url of my web page inside another site
I want to add iframe with source url of my own a web page - inside another site page.
but my page is not being displayed inside the iframe, I'm getting error in the browser console:
Refused to display 'http://my.site.com/page/' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.
I've tried to set django x-frame-options, and this is my view:
from django.views.decorators.cl ickjacking import xframe_options_exempt
@xframe_options_exempt
def ok_to_load_in_a_frame(requ est):
return render_to_response('test.h tml', {}, context_instance=RequestCo ntext(requ est))
but it doesn't work for some reason... any idea?
thanks.
but my page is not being displayed inside the iframe, I'm getting error in the browser console:
Refused to display 'http://my.site.com/page/' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.
I've tried to set django x-frame-options, and this is my view:
from django.views.decorators.cl
@xframe_options_exempt
def ok_to_load_in_a_frame(requ
return render_to_response('test.h
but it doesn't work for some reason... any idea?
thanks.
I doubt you get much help exploiting XSS vulnerability in other site.
ASKER
It seems that you didn't understand my question...
the way of adding iframe to another site - this is not the problem, and it's not an attack on the site,
it's a chrome extension button that add something to the current page, temporary...
I'm not doing any harm to the site, it's a feature being executed by the user on the current instance of the page.
Any way, the question is not how to add iframe, but how to disable my web server default security,
and allow my web page to be displayed inside another page...
the way of adding iframe to another site - this is not the problem, and it's not an attack on the site,
it's a chrome extension button that add something to the current page, temporary...
I'm not doing any harm to the site, it's a feature being executed by the user on the current instance of the page.
Any way, the question is not how to add iframe, but how to disable my web server default security,
and allow my web page to be displayed inside another page...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
eventually I solved it..