How to Solve “Blocked by X-Frame-Options Policy” Error on Firefox

Sometimes when you try to load a website into an iFrame, you get this weird error that says “Blocked by X-Frame-Options Policy”.

Firefox prevented this page from loading in this context because the page has an X-Frame-Options policy that disallows it.

This error occurs because Firefox does not allow websites to be opened inside an iFrame for security purposes.

If you check your Chrome Developers Tool console, you will find this error:

Load denied by X-Frame-Options: “SAMEORIGIN” from “site”, site does not permit cross-origin framing from “site”.

The most common use case is when you are trying to test a Website’s responsiveness on Testing tools like Responsinator or Am I Responsive.

These tools try to load your website in an iframe to test its responsiveness. So when this error occurs you wonder if something is wrong with your website. But it’s not the case. It’s the browser preventing this from working.

How to Fix the X-Frame Options Policy

There’s a workaround that will allow your websites to be run inside an iFrame and you should be able to use all those responsiveness tools.

Here’s how you can do it:

For Linux Servers and Hosting Accounts:

For Linux web servers, the X-frame-options header is set by default to “sameorigin” which does not allow the website data to be communicated via iframes.

In order to remove the x-frame-options, add the following line to the .htaccess file for the website that you want to allow remote access to:

Header always unset X-Frame-Options

For Windows Servers and Hosting:

In Windows web servers, the X-frame-options are not set by default. Which means that other apps and access your website’s data and load it in the iframe.

In case it has been blocked:

  • Open the Internet Information Services (IIS) manager
  • Select the site you want to remove the header from
  • Double-click the HTTP Response Headers option in the middle
  • Remove the X-frame-options header

Alternate Solution: Install “Ignore X-Frame-Options Header” Firefox Add-on

This is a Firefox add-on that can be used to achieve the same results if you do not have access to the web server.

Installing this Add-on will let you bypass the x-frame-options policy and allow the website to be loaded in the iframe.

Install the Add-on from Here

Ignore X-Frame Options Header add-on

These are the two methods to bypass the frame options policy and let other apps access your website.

Spread the Word

You May Also Like

About the Author: Umair

A self-learned Javascript developer specializing in Frontend and Backend frameworks including React.js, Redux, Node.js, Express, MongoDB. He has extensive industry experience as a Tech Support lead and System Administrator. Currently learning Web3, (Solidity, Hardhat, Ethers.js) Smart contracts development, testing and auditing.

3 Comments

  1. I am not a PC guru so I do not know how exposed my data will be if I install the “ignore X-Frame-Options header” app.

  2. I would like to be able to download and install this add-on because I wish to use it in Thunderbird. Now thunderbird is blocking my custom “home page” that has worked for years.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.