XFrameOptions

Hi All,

We have an application, where we show several other 3rd party webpages in our ionic shell using an iFrame. Some of the pages show an error of "Refused to display ‘https://something.com/xyz.aspx’ in a frame because it set ‘X-Frame-Options’ to ‘DENY’.

Few other times, we have removed X-Frame-Options, so that the page showed up.

I would like to know if there are any other ways of achieving this? and How insecure or wrong is removing X-Frame-Options from the pages. I understand that others can also use it in their iFrames and serve that page. Any other cons that you can think of?

Thanks,
Vamshi

1 Like