How to make iFrames work
All sites hosted at Seravo has headers by default that prevents iframes on other sites.
Same-origin policy is a browser security feature that prevents unauthorized document and script use from one origin to another. All sites hosted at Seravo has
X-Frame-Options: SAMEORIGIN header by default. It basically means that you can set up iframe only from the same origin (domain). That way another sites cannot steal your content by using for example iframe tags.
But headers can be modified if needed. If you want to give permission to another site to use iframe tag from your content, you can set up headers like this:
Content-Security-Policy: frame-ancestors https://example.com
We recommend editing and setting the header info with PHP code or with suitable WordPress plugin.
Read more from our developer documentation.