Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to allow cross domain iframe embedding? #72

Open
janwerkhoven opened this issue Nov 27, 2015 · 1 comment
Open

How to allow cross domain iframe embedding? #72

janwerkhoven opened this issue Nov 27, 2015 · 1 comment

Comments

@janwerkhoven
Copy link

Hi Tedconf,

70% of the traffic to our Ember app comes through an iframe. Since we started using Ember Front End Builds (which we love!) we are hitting a this error:

Refused to display 'https://www.hotdoc.com.au/book-appointment/harbourtown-medical-centre' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.

Can we set the X-Frame-Options of the headers to allow cross domain iframe embedding?

What we used to do with our old Ember app, which was embedded in Rails was adding the following to the relevant controller:

# Allow access within an iframe
response.headers.delete 'X-Frame-Options'

Or:

# Allow access within an iframe
response.headers['X-Frame-Options'] = 'ALLOW'

Is that also possible with Ember Front End Builds?

PS: Keep up the great work! Ember Front End Builds is the single best process improvement we introduced to our Ember app.
@samselikoff
Copy link
Contributor

@ryanto looks like we need to add the ability for users to subclass the bests controller so they can alter the response before it goes out. What do you think?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@samselikoff @janwerkhoven