Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
624 views
in Technique[技术] by (71.8m points)

asp.net mvc - After update to MVC 5, iframe no longer works

I updated my project MVC version to 5 and now iFrame does not load, I get this error:

Load denied by X-Frame-Options: www.blahblah.com does not permit cross-origin framing.

I noticed that for some reason now the X-Frame-Options header has SAMEORIGIN filled which does not allow the iframe to load a page from a different domain. This is a problem for me as I develop both the containing and inheriting page. I tried everything in IIS to change this header to no avail.

Anyone encountered this yet?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

I finally found the answer. Starting with MVC 5 Microsoft decided to set SAMEORIGIN in there by default. The best way I found to turn this tag off is by writing the following in the Global.asax.cs

protected void Application_Start()
{
//Bundles and stuff are here
AntiForgeryConfig.SuppressXFrameOptionsHeader = true;
}

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...