Last post Feb 07, 2020 04:46 PM by KathyW
Feb 04, 2020 07:05 AM|PGChoudhury|LINK
Apologize in advance if the question appears slightly basic in nature. But I can't get this to behave in the fashion I desire. Hence the post.
I have a MVC5 web application. In one of the views of this application, I want to embed and show another webpage from the internet inside an iFrame; the page that I want to load is -
I hope the picture is clear to you.
The iFrame HTML code --
<div class="row mb-5">
<iframe src="https://www.sellcodes.com/pro_indigo" style="width: 750px; height: 450px;">
Pretty usual stuff.
But when I run it, that sellcodes page does not show up in my iFrame. It is empty. Blank. For reference see the image --> [
https://imagebin.ca/v/5B4tCphd7HDK ]. It is simply blank. I cross checked with IE also, just to be sure if that's a browser issue. But it is blank there too.
What's the grief? What did I miss please?
I added this in my web.config; after seeing console error of 'sameorigin'.
<add name="X-Frame-Options" value="sameorigin" />
Still doesn't do it. No improvement. What else needs to be done? A quick precise solution anyone?
Feb 05, 2020 05:08 AM|Yongqing Yu|LINK
By testing your code, I reproduced this problem.
Obviously, the website of IFrame request sets the response header to SAMEORIGIN,
which means that they are not allowed to load the resource in IFrame outside its domain.
On the request side, you cannot prevent this behavior.
For more details, you can refer to:
Feb 05, 2020 07:09 AM|PGChoudhury|LINK
Hi @YongqingYu --
Thanks for reply,
So in essence - the page https://www.sellcodes.com/pro_indigo cannot be loaded any whichever way on an MVC view of my project?
Maybe not inside an iFrame, but is there any other possible way? By any other trick/technique, possibly?
Feb 05, 2020 08:22 PM|KathyW|LINK
If that site does not want other sites to publish its information inside those other sites, please respect their wishes. If you want their content, ask them for permission and see where that goes.
Feb 06, 2020 06:37 AM|PGChoudhury|LINK
yep, makes sense. I'll have a speak with their tech team and ask if it is possible some way.
Generally speaking this was so common place earlier, say 10-11 years ago. People used to embed/iframe all the time other site pages inside their own.
Feb 06, 2020 07:40 AM|KathyW|LINK
"People used to embed/iframe all the time other site pages inside their own."
Ah, but it should not have been common. It is publishing someone else's copywrited information on your own site, with no permission. That's why the "don't do it" cross origin header was developed.
Feb 07, 2020 07:28 AM|PGChoudhury|LINK
The information is not someone else's, The information is mine. My page and my profile on that site, just like you have your page on facebook or myspace. If you cared to follow the thread from the beginning.
The only thing correct about your comment is that the domain/site is theirs.
There is a difference. Anyway, thanks for your speaking, I'm trying a few solutions of my own.
Feb 07, 2020 04:46 PM|KathyW|LINK
If that site is yours, then you could change the headers that block cross-site iframe. If the information is yours, not the site, why not simply put your information in your site directly, not by iframing another site?