Load denied by X-Frame-Options

Post Reply
Posts: 6
Joined: 19 Feb 2018, 14:44

21 Mar 2018, 20:42


After I upgraded my project to this theme the iFrames no longer work, they are denied by the browser due to the X-Frame-Options.
They were working before and I have not changed my response headers.

When I try to change my response header to mitigate this issue as suggested on SO,
response.addHeader("X-Frame-Options", "SAMEORIGIN");
I end up with two x-frame-options and still not working
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Where does this X-Frame-Options come from in the California theme?

User avatar
Posts: 3081
Joined: 29 Jun 2013, 12:38

25 Apr 2018, 08:57

Could you please try it without California? Also, could you please check PF versions in California and your project(without California)?

Posts: 6
Joined: 19 Feb 2018, 14:44

16 Aug 2018, 16:51

Without Carlifonia theme the iframes work ok. They are use to display Jasper reports and the reports show correctly without Carlifonia Theme.
The PF version in the project before Carlifonia is 6.0, I'm using the same version in the project with Carlifonia Theme

Post Reply

Return to “California - PrimeFaces”

  • Information
  • Who is online

    Users browsing this forum: No registered users and 1 guest