Hi All,

We have an application, where we show several other 3rd party webpages in our ionic shell using an iFrame. Some of the pages show an error of "Refused to display ‘https://something.com/xyz.aspx’ in a frame because it set ‘X-Frame-Options’ to ‘DENY’.

Few other times, we have removed X-Frame-Options, so that the page showed up.

I would like to know if there are any other ways of achieving this? and How insecure or wrong is removing X-Frame-Options from the pages. I understand that others can also use it in their iFrames and serve that page. Any other cons that you can think of?


1 Like