[Gambas-user] Web site main page does not work

T Lee Davidson t.lee.davidson at gmail.com
Fri Jan 20 16:49:55 CET 2023


On 1/19/23 22:18, BB wrote:
> I get a bit more info :
> 
> "Firefox Can’t Open This Page
> 
> To protect your security, gambaswiki.org will not allow Firefox to display the page if another site has embedded it. To see this 
> page, you need to open it in a new window."
> 
> and this link https://support.mozilla.org/en-US/kb/xframe-neterror-page?as=u&utm_source=inproduct
> 
> b
> 
> 
> On 20/1/23 1:02 pm, T Lee Davidson wrote:
>> On 1/19/23 16:40, Benoit Minisini wrote:
>>> Hi,
>>>
>>> I don't know for you, but my Firefox can't open anymore the Gambas website, more precisely the Gambas wiki pages integrated 
>>> as a frame inside the Gambas website (gambas.sf.net).
>>
>> Yes, I can access the Wiki directly but the framed Wiki at gambas.sourceforge.net says it refused to connect.
>> The Chromium dev tools Console says:
>> "Refused to display 'https://gambaswiki.org/' in a frame because it set 'X-Frame-Options' to 'sameorigin'."

Right. The X-Frame-Options header is set by the web server. It is configured this way by the web host admin as a security 
measure. A better security option might be to use the 'frame-ancestors' directive of the Content-Security-Policy header which 
obsoletes X-Frame-Options and is much more flexible. [1]

According to cPanel, it may be possible to override the server's global configuration for X-Frame-Options on a site-by-site 
basis via .htaccess. [2]


-- 
Lee

[1] https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
[2] https://support.cpanel.net/hc/en-us/articles/4415231266455-How-to-manage-X-Frame-Options-through-htaccess-for-your-website



More information about the User mailing list