Refused to display in a frame because it set 'X-Frame-Options' to 'sameorigin'

Jane_Jojo · May 11, 2018, 9:06pm

This is the response. It says ALLOWALL but no luck…

curl -X HEAD -I https://www.alittlebitofspice.com/indian-tandoori-chicken-in-oven-recipe
HTTP/2 200 
date: Fri, 11 May 2018 21:05:18 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d9f19aff1bfc853cdb31d03b2f1813b8b1526072718; expires=Sat, 11-May-19 21:05:18 GMT; path=/; domain=.alittlebitofspice.com; HttpOnly
vary: Accept-Encoding
vary: Accept-Encoding
link: <https://www.alittlebitofspice.com/wp-json/>; rel="https://api.w.org/"
link: <https://wp.me/p90p7a-r6v>; rel=shortlink
x-frame-options: ALLOWALL
x-content-type-options: nosniff
age: 0
x-cache: uncached
cache-control: public
x-nginx-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 41979a5a5ee2a02e-SLC

Topic		Replies	Views
Embedded comments not displayed due to X-Frame-Options DENY Support	12	3251	June 8, 2024
Embedding error Support	13	3830	November 21, 2020
Discourse not shown in iframe Support unsupported-install	30	8294	April 26, 2021
Browser prevents Discourse from rendering in iframe despite proper configuration (`X-Frame-Options: SAMEORIGIN`) Bug embedding	0	48	November 12, 2024
Running Discourse in an iframe Support	10	2181	April 24, 2019

Refused to display in a frame because it set 'X-Frame-Options' to 'sameorigin'

Related topics