How to make iFrames work

All sites hosted at Seravo has headers by default that prevents iframes on other sites.

Same-origin policy is a browser security feature that prevents unauthorized document and script use from one origin to another. All sites hosted at Seravo has X-Frame-Options: SAMEORIGIN header by default. It basically means that you can set up iframe only from the same origin (domain). That way another sites cannot steal your content by using for example iframe tags.

But headers can be modified if needed. If you want to give permission to another site to use iframe tag from your content, you can set up headers like this:

Old browsers:
X-Frame-Options: ALLOWALL

Modern browsers:
Content-Security-Policy: frame-ancestors https://example.com

We recommend editing and setting the header info with PHP code or with suitable WordPress plugin.

Read more from our developer documentation.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Related Articles