Sorry, I know there have been other topics about this, but I cannot seem to get it figured out at this point. I have a fresh install of discourse on DigitalOcean using the App, and a Ghost blog. I have the allowed host as the root of my website, and have pasted the code into Ghost, but constantly get the "Refused to display 'http://community.howtoghost.com/embed/comments?embed_url=https%3A%2F%2Fwww.ghostforbeginners.com%2Fhosting-and-installing-ghost%2F' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'." error.
From what it looks like, since I have the host in discourse, this shouldnāt be a problem, but after a few days of trying, I cannot get it to work. Have tried both www.site.com and just site.com, neither work. Does anyone have any ideas? I would really appreciate the help.
Actual Embedded Ghost Code:
<div id='discourse-comments'></div>
<script type="text/javascript">
DiscourseEmbed = { discourseUrl: 'http://community.howtoghost.com/',
discourseEmbedUrl: 'https://www.ghostforbeginners.com' + {{url}} };
(function() {
var d = document.createElement('script'); d.type = 'text/javascript'; d.async = true;
d.src = DiscourseEmbed.discourseUrl + 'javascripts/embed.js';
(document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(d);
})();
</script>
Thanks,
riking
November 9, 2015, 10:55pm
2
Fill out the ācors originsā site setting with www.ghostforbeginners.com and restart the server ./launcher restart app.
1 Like
Thank you for the reply riking. Do you make these changes in the app.yml? In the app.yml I have tried:
DISCOURSE_ENABLE_CORS: true
DISCOURSE_CORS_ORIGIN: '*'
and
DISCOURSE_ENABLE_CORS: true
DISCOURSE_CORS_ORIGIN: 'www.ghostforbeginners.com'
and
DISCOURSE_ENABLE_CORS: true
DISCOURSE_CORS_ORIGIN: 'www.ghostforbeginners.com*'
and a few others like including https and what not.
None of which change the outcome. Still get the same x-frame problem. I tried adding them under the env: section, and also near the bottom with no change.
riking
November 10, 2015, 7:29am
4
Well, that should have worked as well.
1 Like
Any other ideas by chance? It seems like Discourse is restarting, but is it possible it isnāt taking the configs for whatever reason?
Hi I Tried multiple option by adding into app.yml. But its not working. Still throwing error "
Refused to display āhttp://162.188.21.09:8080/ ā in a frame because it set āX-Frame-Optionsā to āSAMEORIGINā.
Actually Iām trying to render āhttp://162.188.21.09:8080/ ā in iframe local host.
env: http://162.188.21.09:8080/ ā**
How to fix it.?
dubeydeepak:
in iframe
I think you would be better off coming up with a different approach
We do not support running in an iframe.
Because itās an extremely fragile configuration. Discourse expects to control the browser tightly as a JavaScript app. This is not a static 1996 era web page to be slapped in an <iframe> willy-nilly, itās far more complex.
Adi_Adi
March 31, 2017, 6:28am
8
Can you tell us how to do it if we want to integrate it in my website ?
If I wanted to include Discourse content into a non-Discourse site I would use either the RSS or JSON or both.
Adi_Adi
March 31, 2017, 6:39am
10
Do you have any reference so I can get more info how to do it and to identify pros/cons for my requirement ?
Adi_Adi
March 31, 2017, 6:39am
11
Like demo or integration steps ?
Hey Guys,
1 Like
I solved it using this pluginā¦
# name: Set X-Frame-Options correctly
# about: Set site headers
# version: 1
# authors: Julian
Rails.application.config.action_dispatch.default_headers.merge!({'X-Frame-Options' => 'ALLOWALL'})
Rails.application.config.action_dispatch.default_headers.merge!({'Access-Control-Allow-Origin' => '*'})
Rails.application.config.action_dispatch.default_headers.merge!({'Access-Control-Allow-Methods' => 'GET, POST, OPTIONS, DELETE'})
Rails.application.config.action_dispatch.default_headers.merge!({'Access-Control-Allow-Headers' => 'Content-Type, Authorization, X-Requested-With'})
Det
June 10, 2019, 12:57pm
14
Can you plese provide steps as to how to install and use the plugin.
1 Like
trusktr
July 20, 2020, 5:33am
15
@Det Hereās a guide on Discourse plugins: How to create a Discourse plugin
