How to solve Blocked a frame with origin from accessing a cross origin frame error in wordpress? [duplicate]
This question already has an answer here:
Cross domain iframe issue
4 answers
I am working on a WordPress website in which there are a lot of wordpress plugins installed.
The plugins installed on the wordpress website has the following options:
When I click on View details option, I am getting the blank screen as shown below in an image but when I open in a new window or tab, it works.
On checking console, I am getting the following error (when clicking on View Details fails to open on the same page):
Blocked a frame with origin from accessing a cross-origin frame.
at Contents
at Function.map
at a.fn.init.n.fn.(anonymous function) [as contents]
and many other places.
Problem Statement:
I am wondering which file I need to modify in wordpress in order to solve this error. This error seems to exist in every wordpress plugins. It works in a new tab or window but fails to work in the same page.
javascript jquery wordpress same-origin-policy
asked Nov 12 '18 at 3:04
johnjohn
1,9521770156
marked as duplicate by Quentin javascript
Users with the javascript badge can single-handedly close javascript questions as duplicates and reopen them as needed.
StackExchange.ready(function()
if (StackExchange.options.isMobile) return;
$('.dupe-hammer-message-hover:not(.hover-bound)').each(function()
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');
$hover.hover(
function()
$hover.showInfoMessage('',
messageElement: $msg.clone().show(),
transient: false,
position: my: 'bottom left', at: 'top center', offsetTop: -7 ,
dismissable: false,
relativeToBody: true
);
,
function()
StackExchange.helpers.removeMessages();
);
);
);
Jan 8 at 15:11
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
|
show 5 more comments
This question already has an answer here:
Cross domain iframe issue
4 answers
I am working on a WordPress website in which there are a lot of wordpress plugins installed.
The plugins installed on the wordpress website has the following options:
When I click on View details option, I am getting the blank screen as shown below in an image but when I open in a new window or tab, it works.
On checking console, I am getting the following error (when clicking on View Details fails to open on the same page):
Blocked a frame with origin from accessing a cross-origin frame.
at Contents
at Function.map
at a.fn.init.n.fn.(anonymous function) [as contents]
and many other places.
Problem Statement:
I am wondering which file I need to modify in wordpress in order to solve this error. This error seems to exist in every wordpress plugins. It works in a new tab or window but fails to work in the same page.
javascript jquery wordpress same-origin-policy
asked Nov 12 '18 at 3:04
johnjohn
1,9521770156
marked as duplicate by Quentin javascript
Users with the javascript badge can single-handedly close javascript questions as duplicates and reopen them as needed.
StackExchange.ready(function()
if (StackExchange.options.isMobile) return;
$('.dupe-hammer-message-hover:not(.hover-bound)').each(function()
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');
$hover.hover(
function()
$hover.showInfoMessage('',
messageElement: $msg.clone().show(),
transient: false,
position: my: 'bottom left', at: 'top center', offsetTop: -7 ,
dismissable: false,
relativeToBody: true
);
,
function()
StackExchange.helpers.removeMessages();
);
);
);
Jan 8 at 15:11
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
1
Probably a common issue. Would check questions on wordpress.stackexchange.com
– charlietfl
Nov 12 '18 at 4:46
@NikosM. Hi, I had a look on the link but I am unable to find any concrete answer. I am going to open my wordpress website on different browser.
– john
Nov 14 '18 at 15:22
blocking frame conent if it is from different origin is common to all browsers but can change with a browser setting, it is not a wordpress issue it is a browser securoty issue
– Nikos M.
Nov 14 '18 at 17:00
Nikos M I am wondering what browser settings I need to change let say for example chrome. I am wondering what settings I need to change there in order to make it work.
– john
Nov 14 '18 at 18:42
1
@Ramesh — No. The error says the problem is accessing a cross origin iframe.
– Quentin
Jan 8 at 15:13
|
show 5 more comments
This question already has an answer here:
Cross domain iframe issue
4 answers
I am working on a WordPress website in which there are a lot of wordpress plugins installed.
The plugins installed on the wordpress website has the following options:
When I click on View details option, I am getting the blank screen as shown below in an image but when I open in a new window or tab, it works.
On checking console, I am getting the following error (when clicking on View Details fails to open on the same page):
Blocked a frame with origin from accessing a cross-origin frame.
at Contents
at Function.map
at a.fn.init.n.fn.(anonymous function) [as contents]
and many other places.
Problem Statement:
I am wondering which file I need to modify in wordpress in order to solve this error. This error seems to exist in every wordpress plugins. It works in a new tab or window but fails to work in the same page.
javascript jquery wordpress same-origin-policy
asked Nov 12 '18 at 3:04
johnjohn
1,9521770156
This question already has an answer here:
Cross domain iframe issue
4 answers
I am working on a WordPress website in which there are a lot of wordpress plugins installed.
The plugins installed on the wordpress website has the following options:
When I click on View details option, I am getting the blank screen as shown below in an image but when I open in a new window or tab, it works.
On checking console, I am getting the following error (when clicking on View Details fails to open on the same page):
Blocked a frame with origin from accessing a cross-origin frame.
at Contents
at Function.map
at a.fn.init.n.fn.(anonymous function) [as contents]
and many other places.
Problem Statement:
I am wondering which file I need to modify in wordpress in order to solve this error. This error seems to exist in every wordpress plugins. It works in a new tab or window but fails to work in the same page.
This question already has an answer here:
Cross domain iframe issue
4 answers
javascript jquery wordpress same-origin-policy
javascript jquery wordpress same-origin-policy
asked Nov 12 '18 at 3:04
johnjohn
1,9521770156
asked Nov 12 '18 at 3:04
johnjohn
1,9521770156
edited Nov 14 '18 at 3:05
john
asked Nov 12 '18 at 3:04
johnjohn
1,9521770156
asked Nov 12 '18 at 3:04
johnjohn
1,9521770156
asked Nov 12 '18 at 3:04
johnjohn
1,9521770156
1,9521770156
marked as duplicate by Quentin javascript
Users with the javascript badge can single-handedly close javascript questions as duplicates and reopen them as needed.
StackExchange.ready(function()
if (StackExchange.options.isMobile) return;
$('.dupe-hammer-message-hover:not(.hover-bound)').each(function()
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');
$hover.hover(
function()
$hover.showInfoMessage('',
messageElement: $msg.clone().show(),
transient: false,
position: my: 'bottom left', at: 'top center', offsetTop: -7 ,
dismissable: false,
relativeToBody: true
);
,
function()
StackExchange.helpers.removeMessages();
);
);
);
Jan 8 at 15:11
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
marked as duplicate by Quentin javascript
Users with the javascript badge can single-handedly close javascript questions as duplicates and reopen them as needed.
StackExchange.ready(function()
if (StackExchange.options.isMobile) return;
$('.dupe-hammer-message-hover:not(.hover-bound)').each(function()
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');
$hover.hover(
function()
$hover.showInfoMessage('',
messageElement: $msg.clone().show(),
transient: false,
position: my: 'bottom left', at: 'top center', offsetTop: -7 ,
dismissable: false,
relativeToBody: true
);
,
function()
StackExchange.helpers.removeMessages();
);
);
);
Jan 8 at 15:11
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
1
Probably a common issue. Would check questions on wordpress.stackexchange.com
– charlietfl
Nov 12 '18 at 4:46
@NikosM. Hi, I had a look on the link but I am unable to find any concrete answer. I am going to open my wordpress website on different browser.
– john
Nov 14 '18 at 15:22
blocking frame conent if it is from different origin is common to all browsers but can change with a browser setting, it is not a wordpress issue it is a browser securoty issue
– Nikos M.
Nov 14 '18 at 17:00
Nikos M I am wondering what browser settings I need to change let say for example chrome. I am wondering what settings I need to change there in order to make it work.
– john
Nov 14 '18 at 18:42
1
@Ramesh — No. The error says the problem is accessing a cross origin iframe.
– Quentin
Jan 8 at 15:13
|
show 5 more comments
1
Probably a common issue. Would check questions on wordpress.stackexchange.com
– charlietfl
Nov 12 '18 at 4:46
@NikosM. Hi, I had a look on the link but I am unable to find any concrete answer. I am going to open my wordpress website on different browser.
– john
Nov 14 '18 at 15:22
blocking frame conent if it is from different origin is common to all browsers but can change with a browser setting, it is not a wordpress issue it is a browser securoty issue
– Nikos M.
Nov 14 '18 at 17:00
Nikos M I am wondering what browser settings I need to change let say for example chrome. I am wondering what settings I need to change there in order to make it work.
– john
Nov 14 '18 at 18:42
1
@Ramesh — No. The error says the problem is accessing a cross origin iframe.
– Quentin
Jan 8 at 15:13
1
1
Probably a common issue. Would check questions on wordpress.stackexchange.com
– charlietfl
Nov 12 '18 at 4:46
Probably a common issue. Would check questions on wordpress.stackexchange.com
– charlietfl
Nov 12 '18 at 4:46
@NikosM. Hi, I had a look on the link but I am unable to find any concrete answer. I am going to open my wordpress website on different browser.
– john
Nov 14 '18 at 15:22
@NikosM. Hi, I had a look on the link but I am unable to find any concrete answer. I am going to open my wordpress website on different browser.
– john
Nov 14 '18 at 15:22
blocking frame conent if it is from different origin is common to all browsers but can change with a browser setting, it is not a wordpress issue it is a browser securoty issue
– Nikos M.
Nov 14 '18 at 17:00
blocking frame conent if it is from different origin is common to all browsers but can change with a browser setting, it is not a wordpress issue it is a browser securoty issue
– Nikos M.
Nov 14 '18 at 17:00
Nikos M I am wondering what browser settings I need to change let say for example chrome. I am wondering what settings I need to change there in order to make it work.
– john
Nov 14 '18 at 18:42
Nikos M I am wondering what browser settings I need to change let say for example chrome. I am wondering what settings I need to change there in order to make it work.
– john
Nov 14 '18 at 18:42
1
1
@Ramesh — No. The error says the problem is accessing a cross origin iframe.
– Quentin
Jan 8 at 15:13
@Ramesh — No. The error says the problem is accessing a cross origin iframe.
– Quentin
Jan 8 at 15:13
|
show 5 more comments
2 Answers
2
active
oldest
votes
The browser is blocking the new frame due to an HTTP security header. There are few relevant security headers and you can get the details here:
https://www.dionach.com/blog/an-overview-of-http-security-headers
Most likely, that one of the WordPress security plugins is injecting this header.
In rare cases, the web server itself was configured to inject those headers.
I suggest to search through the settings of all active security plugins to find where the "Same Origin Policy" is forced on admin screens.
If you can't find the setting directly, then disable the plugins one-by-one, till the issue is resolved. Of-course, there is a plugin to disable plugins for you only (without affecting any other user): https://wordpress.org/plugins/health-check/
answered Nov 15 '18 at 11:52
Yuval PapishYuval Papish
92
No. If it was any of these then the error message would mention it. Disallowed access to cross-origin pages via iframes is the default behaviour.
– Quentin
Jan 8 at 15:12
add a comment |
This issue can be from video iframe. Which can be in widget or anywhere you used. Did you added any video iframe from any channel which has any privacy or restriction.
If it's for particular plugin use case then please take a look around where you used or check plugin code or plugin issues if it has any issue then apply patch for that ?
answered Nov 29 '18 at 12:57
Sourabh BhutaniSourabh Bhutani
164110
add a comment |
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
The browser is blocking the new frame due to an HTTP security header. There are few relevant security headers and you can get the details here:
https://www.dionach.com/blog/an-overview-of-http-security-headers
Most likely, that one of the WordPress security plugins is injecting this header.
In rare cases, the web server itself was configured to inject those headers.
I suggest to search through the settings of all active security plugins to find where the "Same Origin Policy" is forced on admin screens.
If you can't find the setting directly, then disable the plugins one-by-one, till the issue is resolved. Of-course, there is a plugin to disable plugins for you only (without affecting any other user): https://wordpress.org/plugins/health-check/
answered Nov 15 '18 at 11:52
Yuval PapishYuval Papish
92
No. If it was any of these then the error message would mention it. Disallowed access to cross-origin pages via iframes is the default behaviour.
– Quentin
Jan 8 at 15:12
add a comment |
The browser is blocking the new frame due to an HTTP security header. There are few relevant security headers and you can get the details here:
https://www.dionach.com/blog/an-overview-of-http-security-headers
Most likely, that one of the WordPress security plugins is injecting this header.
In rare cases, the web server itself was configured to inject those headers.
I suggest to search through the settings of all active security plugins to find where the "Same Origin Policy" is forced on admin screens.
If you can't find the setting directly, then disable the plugins one-by-one, till the issue is resolved. Of-course, there is a plugin to disable plugins for you only (without affecting any other user): https://wordpress.org/plugins/health-check/
answered Nov 15 '18 at 11:52
Yuval PapishYuval Papish
92
No. If it was any of these then the error message would mention it. Disallowed access to cross-origin pages via iframes is the default behaviour.
– Quentin
Jan 8 at 15:12
add a comment |
The browser is blocking the new frame due to an HTTP security header. There are few relevant security headers and you can get the details here:
https://www.dionach.com/blog/an-overview-of-http-security-headers
Most likely, that one of the WordPress security plugins is injecting this header.
In rare cases, the web server itself was configured to inject those headers.
I suggest to search through the settings of all active security plugins to find where the "Same Origin Policy" is forced on admin screens.
If you can't find the setting directly, then disable the plugins one-by-one, till the issue is resolved. Of-course, there is a plugin to disable plugins for you only (without affecting any other user): https://wordpress.org/plugins/health-check/
answered Nov 15 '18 at 11:52
Yuval PapishYuval Papish
92
The browser is blocking the new frame due to an HTTP security header. There are few relevant security headers and you can get the details here:
https://www.dionach.com/blog/an-overview-of-http-security-headers
Most likely, that one of the WordPress security plugins is injecting this header.
In rare cases, the web server itself was configured to inject those headers.
I suggest to search through the settings of all active security plugins to find where the "Same Origin Policy" is forced on admin screens.
If you can't find the setting directly, then disable the plugins one-by-one, till the issue is resolved. Of-course, there is a plugin to disable plugins for you only (without affecting any other user): https://wordpress.org/plugins/health-check/
answered Nov 15 '18 at 11:52
Yuval PapishYuval Papish
92
answered Nov 15 '18 at 11:52
Yuval PapishYuval Papish
92
answered Nov 15 '18 at 11:52
Yuval PapishYuval Papish
92
answered Nov 15 '18 at 11:52
Yuval PapishYuval Papish
92
92
No. If it was any of these then the error message would mention it. Disallowed access to cross-origin pages via iframes is the default behaviour.
– Quentin
Jan 8 at 15:12
add a comment |
No. If it was any of these then the error message would mention it. Disallowed access to cross-origin pages via iframes is the default behaviour.
– Quentin
Jan 8 at 15:12
No. If it was any of these then the error message would mention it. Disallowed access to cross-origin pages via iframes is the default behaviour.
– Quentin
Jan 8 at 15:12
No. If it was any of these then the error message would mention it. Disallowed access to cross-origin pages via iframes is the default behaviour.
– Quentin
Jan 8 at 15:12
add a comment |
This issue can be from video iframe. Which can be in widget or anywhere you used. Did you added any video iframe from any channel which has any privacy or restriction.
If it's for particular plugin use case then please take a look around where you used or check plugin code or plugin issues if it has any issue then apply patch for that ?
answered Nov 29 '18 at 12:57
Sourabh BhutaniSourabh Bhutani
164110
add a comment |
This issue can be from video iframe. Which can be in widget or anywhere you used. Did you added any video iframe from any channel which has any privacy or restriction.
If it's for particular plugin use case then please take a look around where you used or check plugin code or plugin issues if it has any issue then apply patch for that ?
answered Nov 29 '18 at 12:57
Sourabh BhutaniSourabh Bhutani
164110
add a comment |
This issue can be from video iframe. Which can be in widget or anywhere you used. Did you added any video iframe from any channel which has any privacy or restriction.
If it's for particular plugin use case then please take a look around where you used or check plugin code or plugin issues if it has any issue then apply patch for that ?
answered Nov 29 '18 at 12:57
Sourabh BhutaniSourabh Bhutani
164110
This issue can be from video iframe. Which can be in widget or anywhere you used. Did you added any video iframe from any channel which has any privacy or restriction.
If it's for particular plugin use case then please take a look around where you used or check plugin code or plugin issues if it has any issue then apply patch for that ?
answered Nov 29 '18 at 12:57
Sourabh BhutaniSourabh Bhutani
164110
answered Nov 29 '18 at 12:57
Sourabh BhutaniSourabh Bhutani
164110
answered Nov 29 '18 at 12:57
Sourabh BhutaniSourabh Bhutani
164110
answered Nov 29 '18 at 12:57
Sourabh BhutaniSourabh Bhutani
164110
164110
add a comment |
add a comment |
1
Probably a common issue. Would check questions on wordpress.stackexchange.com
– charlietfl
Nov 12 '18 at 4:46
@NikosM. Hi, I had a look on the link but I am unable to find any concrete answer. I am going to open my wordpress website on different browser.
– john
Nov 14 '18 at 15:22
blocking frame conent if it is from different origin is common to all browsers but can change with a browser setting, it is not a wordpress issue it is a browser securoty issue
– Nikos M.
Nov 14 '18 at 17:00
Nikos M I am wondering what browser settings I need to change let say for example chrome. I am wondering what settings I need to change there in order to make it work.
– john
Nov 14 '18 at 18:42
1
@Ramesh — No. The error says the problem is accessing a cross origin iframe.
– Quentin
Jan 8 at 15:13