How to Solve “Blocked by X-Frame-Options Policy” Error on Firefox

Sometimes when you try to load a website into an iFrame, you get this weird error that says “Blocked by X-Frame-Options Policy”.

Firefox prevented this page from loading in this context because the page has an X-Frame-Options policy that disallows it.

This error occurs because Firefox does not allow websites to be opened inside an iFrame for security purposes.

If you check your Chrome Developers Tool console, you will find this error:

Load denied by X-Frame-Options: “SAMEORIGIN” from “site”, site does not permit cross-origin framing from “site”.

The most common use case is when you are trying to test a Website’s responsiveness on Testing tools like Responsinator or Am I Responsive.

These tools try to load your website in an iframe to test its responsiveness. So when this error occurs you wonder if something is wrong with your website. But it’s not the case. It’s the browser preventing this from working.

How to Fix the X-Frame Options Policy

There’s a workaround that will allow your websites to be run inside an iFrame and you should be able to use all those responsiveness tools.

Here’s how you can do it:

For Linux Servers and Hosting Accounts:

For Linux web servers, the X-frame-options header is set by default to “sameorigin” which does not allow the website data to be communicated via iframes.

In order to remove the x-frame-options, add the following line to the .htaccess file for the website that you want to allow remote access to:

Header always unset X-Frame-Options

For Windows Servers and Hosting:

In Windows web servers, the X-frame-options are not set by default. Which means that other apps and access your website’s data and load it in the iframe.

In case it has been blocked:

  • Open the Internet Information Services (IIS) manager
  • Select the site you want to remove the header from
  • Double-click the HTTP Response Headers option in the middle
  • Remove the X-frame-options header

Alternate Solution: Install “Ignore X-Frame-Options Header” Firefox Add-on

This is a Firefox add-on that can be used to achieve the same results if you do not have access to the web server.

Installing this Add-on will let you bypass the x-frame-options policy and allow the website to be loaded in the iframe.

Install the Add-on from Here

Ignore X-Frame Options Header add-on

These are the two methods to bypass the frame options policy and let other apps access your website.

Spread the Word

You May Also Like

About the Author: Umair

Umair specializes in System Administration (Windows, Linux), Network Security, Cyber Security and other Technology areas including Web Development Frameworks (ReactJS, NodeJS, MongoDB). He is passionate about helping people with all sorts of technical problems.

2 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *