The reason why you encounter this issue is that IE8's clickjacking security and X-Frame-Options.
Clickjacking Defense: Some hackers try to trick users into clicking buttons that appear to perform safe or harmless functions, but instead perform unrelated tasks. Clickjackers embed malicious code or "redress" the user interface by using transparent frames
that overlay specific UI elements with misleading text and images. To help prevent clickjacking, Web site owners can send an HTTP response header named X-Frame-Options with HTML pages to restrict how the page may be framed.
X-Frame-Options: Deny
If the X-Frame-Options value contains the token Deny, Internet Explorer 8 prevents the page from rendering if it is contained within a frame. If the value contains the token SameOrigin, Internet Explorer will not render the page if the top level-browsing-context
differs from the origin of the page containing the directive. Blocked pages are replaced with a "This content cannot be displayed in a frame" error page.
Please mark the replies as answers if they help or unmark if not.
Feedback to us
As far as I know, you can't resolve it. The reason is that Web site owners(http://www.facebook.com) send an HTTP response header named X-Frame-Options which contains the token Deny.
When the X-Frame-Options value contains the token Deny, Internet Explorer 8 prevents the page from rendering if it is contained within a frame. Whether the website can be displayed in a frame or not depends on the HTTP response of the website.
If the HTTP response header named X-Frame-Options contains the token Deny, it can't be displayed.
If it doesn't contain the token Deny, it can be displayed.
In order to help you understand this issue, I will give you a sample below.
muji85a
Member
202 Points
266 Posts
I am gettignthe following error in asp.net with facebook app(early it is working fine. Once i cli...
Oct 25, 2011 10:00 PM|LINK
This content cannot be displayed in a frame
To help protect the security of information you enter into this website, the publisher of this content does not allow it to be displayed in a frame.
What you can try:
Catherine Sh...
All-Star
23382 Points
2490 Posts
Microsoft
Re: I am gettignthe following error in asp.net with facebook app(early it is working fine. Once i...
Oct 31, 2011 07:55 AM|LINK
Hi nuji85a,
The reason why you encounter this issue is that IE8's clickjacking security and X-Frame-Options.
X-Frame-Options: Deny
If the X-Frame-Options value contains the token Deny, Internet Explorer 8 prevents the page from rendering if it is contained within a frame. If the value contains the token SameOrigin, Internet Explorer will not render the page if the top level-browsing-context differs from the origin of the page containing the directive. Blocked pages are replaced with a "This content cannot be displayed in a frame" error page.
Feedback to us
Develop and promote your apps in Windows Store
muji85a
Member
202 Points
266 Posts
Re: I am gettignthe following error in asp.net with facebook app(early it is working fine. Once i...
Oct 31, 2011 02:03 PM|LINK
How can i resolve it .
Catherine Sh...
All-Star
23382 Points
2490 Posts
Microsoft
Re: I am gettignthe following error in asp.net with facebook app(early it is working fine. Once i...
Nov 01, 2011 02:08 AM|LINK
Hi nuji85a,
As far as I know, you can't resolve it. The reason is that Web site owners(http://www.facebook.com) send an HTTP response header named X-Frame-Options which contains the token Deny.
When the X-Frame-Options value contains the token Deny, Internet Explorer 8 prevents the page from rendering if it is contained within a frame. Whether the website can be displayed in a frame or not depends on the HTTP response of the website.
If the HTTP response header named X-Frame-Options contains the token Deny, it can't be displayed.
If it doesn't contain the token Deny, it can be displayed.
In order to help you understand this issue, I will give you a sample below.
<html xmlns="http://www.w3.org/1999/xhtml"> <head runat="server"> <title></title> </head> <body> <form id="form1" runat="server"> <div> <iframe id="idtest" src="http://www.facebook.com/" runat="server"></iframe> <iframe id="Iframe1" src="http://www.w3schools.com/" runat="server"></iframe> </div> </form> </body> </html>Please try to use Fiddler to check the header of HTTP response. The two picitures below shows the difference.
pic 1 http://www.facebook.com pic 2 http://www.w3schools.com
Feedback to us
Develop and promote your apps in Windows Store