Languages
Wiki
All Wiki Articles Create Wiki Article
http
headers
iframe
[Edit]
EN

HTTP - do not let to embed website in iframe

2 contributors
7 contributions
0 discussions
9 points
Created by:
Antonina-Trejo
477

In this short article, we would like to show you simple configuration that do not let to display your website embedded in frame, iframe, embed and object elements on ther webpages.

Blocked iframe with X-Frame-Options: SAMEORIGIN header.
Blocked iframe with X-Frame-Options: SAMEORIGIN header.

Quick solutions (add header to your website response):

X-Frame-Options: DENY

or:

X-Frame-Options: SAMEORIGIN

 

Where:

  • DENY do not lets to built-in website to onwn iframe too.
  • SAMEORIGIN lets to built-in website to onwn iframe element, but only if origin for bothh sites will be the same.

 

See also

References

  1. X-Frame-Options - MDN Docs

Alternative titles

  1. HTTP - disable website embedding in iframe
  2. HTTP - block website in iframe
Donate to Dirask
Our content is created by volunteers - like Wikipedia. If you think, the things we do are good, donate us. Thanks!
Direct link
Join to our subscribers to be up to date with content, news and offers.
Native Advertising
🚀
Get your tech brand or product in front of software developers.
For more information Contact us
Dirask - we help you to
solve coding problems.
Ask question.

❤️💻 🙂

Join