Last post Nov 01, 2011 03:08 AM by Catherine Shan - MSFT
Oct 25, 2011 11:00 PM|muji85a|LINK
To help protect the security of information you enter into this website, the publisher of this content does not allow it to be displayed in a frame.
Oct 31, 2011 08:55 AM|Catherine Shan - MSFT|LINK
The reason why you encounter this issue is that IE8's clickjacking security and X-Frame-Options.
If the X-Frame-Options value contains the token Deny, Internet Explorer 8 prevents the page from rendering if it is contained within a frame. If the value contains the token SameOrigin, Internet Explorer will not render the page if the top level-browsing-context
differs from the origin of the page containing the directive. Blocked pages are replaced with a "This content cannot be displayed in a frame" error page.
Oct 31, 2011 03:03 PM|muji85a|LINK
How can i resolve it .
Nov 01, 2011 03:08 AM|Catherine Shan - MSFT|LINK
As far as I know, you can't resolve it. The reason is that Web site owners(http://www.facebook.com) send an HTTP response header named X-Frame-Options which contains the token Deny.
When the X-Frame-Options value contains the token Deny, Internet Explorer 8 prevents the page from rendering if it is contained within a frame. Whether the website can be displayed in a frame or not depends on the HTTP response of the website.
In order to help you understand this issue, I will give you a sample below.
<form id="form1" runat="server">
<iframe id="idtest" src="http://www.facebook.com/" runat="server"></iframe>
<iframe id="Iframe1" src="http://www.w3schools.com/" runat="server"></iframe>
Please try to use Fiddler to check the header of HTTP response. The two picitures below shows the difference.
pic 1 http://www.facebook.com pic 2