Saturday, October 7, 2017

X-Frame-Options = SAMEORIGIN

This case is about adding an iframe in Dynamics CRM and pointing it at an ASP.NET Web Forms / MVC page. One error that can prevent the page from loading is X-Frame-Options = SAMEORIGIN. This occurs if the line below is present in the code:

 @Html.AntiForgeryToken()



This can also occur because of AntiForgeryConfig or similar methods. Usually this is present to stop suspicious scripts from running. But the anti-forgery code adds an X-Frame-Options header and sets its value to SAMEORIGIN, which means that cross-domain framing of the page is not allowed. If you have Ajax requests from other servers / domains, then Chrome shows the error:

Refused to display from ..... because of X-Frame-Options = SAMEORIGIN



Add the lines below to web.config to make sure this error does not occur. This config must be added under the <system.webServer> node:


<system.webServer>
  <httpProtocol>
    <customHeaders>
      <add name="X-Frame-Options" value="AllowAll"/>
    </customHeaders>
  </httpProtocol>

  <!--other configs-->

</system.webServer>
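
AllowAll is not a value defined for X-Frame-Options (the defined values are DENY and SAMEORIGIN, plus the obsolete ALLOW-FROM), so browsers ignore the header and the page can then be framed by any site. The Global.asax.cs below is an added example, not code from the original post: it suppresses the header that @Html.AntiForgeryToken() emits and permits framing only from the CRM origin through the Content-Security-Policy frame-ancestors directive. The origin https://yourorg.crm.dynamics.com is a placeholder assumption.

```csharp
// Global.asax.cs -- added example, not the original post's code.
using System;
using System.Web;
using System.Web.Helpers;

public class MvcApplication : HttpApplication
{
    // ASSUMPTION: placeholder for the Dynamics CRM organisation URL that
    // hosts the iframe. Replace with the real origin (scheme + host only).
    private const string CrmOrigin = "https://yourorg.crm.dynamics.com";

    protected void Application_Start()
    {
        // @Html.AntiForgeryToken() adds "X-Frame-Options: SAMEORIGIN" to every
        // response that renders a token. Turn that off here so the framing
        // policy is defined in exactly one place (the CSP header below).
        AntiForgeryConfig.SuppressXFrameOptionsHeader = true;

        // Existing route / filter / bundle registration stays here.
    }

    protected void Application_BeginRequest(object sender, EventArgs e)
    {
        // Allow framing by this site itself and by the CRM origin only.
        // Every other origin is still refused by the browser, so the
        // clickjacking protection is kept for everyone except CRM.
        Response.AddHeader(
            "Content-Security-Policy",
            "frame-ancestors 'self' " + CrmOrigin);
    }
}
```

With this in place the X-Frame-Options entry in web.config is not needed.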



Ali Hamza Wadood 
Microsoft Dynamics CRM Developer | Software Engineer - Microsoft Technologies(Asp.Net, Asp.Net MVC)