jacjimus
By:
jacjimus

I followed this to configure self signed certificate on Apache https://tinyurl.com/zl56teq. I get the "Load denied by X-Frame-Options"

August 24, 2017 414 views
Apache Debian Ubuntu 16.04

Load denied by X-Frame-Options: https://xxxxxxxxxx/get_data.php?action=71&productid=1&fee=[{%22feeid%22:%221%22,%22feename%22:%22SIL%20PESA%20PF%22}]&valfutureinterest=1&valaccrueinterest=1&valallowloantopup=0&valpercentageoftopuploanpaid=0 does not permit framing

SecurityError: Permission denied to access property "document" on cross-origin object

3 Answers

I also have this warning: Strict-Transport-Security: The connection to the site is untrustworthy, so the specified header was ignored.

  • I sorted this one out! On the step to edit the /etc/apache2/conf-available/ssl-params.conf

    Just changed

    Header always set X-Frame-Options DENY
    to
    Header always set X-Frame-Options: " ALLOW-FROM https:// ......"

    worked fine!

I sorted this one out! On the step to edit the /etc/apache2/conf-available/ssl-params.conf

Just changed from
Header always set X-Frame-Options DENY
to
Header always set X-Frame-Options: " ALLOW-FROM https:// ......"

worked fine!

Have another answer? Share your knowledge.