How Can I Bypass the X-Frame-Options: SAMEORIGIN HTTP Header?

by

UPDATE: 2019-12-30

It seem that this tool is no longer working! [Request for update!]

UPDATE 2019-01-06: You can bypass X-Frame-Options in an <iframe> using my X-Frame-Bypass Web Component. It extends the IFrame element by using multiple CORS proxies and it was tested in the latest Firefox and Chrome.

You can use it as follows:

  1. (Optional) Include the Custom Elements with Built-in Extends polyfill for Safari:

    <script src="https://unpkg.com/@ungap/custom-elements-builtin"></script>

  2. Include the X-Frame-Bypass JS module:

    <script type="module" src="https://stackoverflow.com/questions/2783095/x-frame-bypass.js"></script>

  3. Insert the X-Frame-Bypass Custom Element:

    <iframe is="x-frame-bypass" src="https://example.org/"></iframe>

More Related Contents:

  1. Disabling browser caching for all browsers from ASP.NET
  2. asp.net c# redirecting from http to https
  3. Response Content type as CSV
  4. What happens when I edit web.config?
  5. IIS and Static content?
  6. Maximum default POST request size of IIS 7 – how to increase 64kB/65kB limit?
  7. Default redirect for Error 404
  8. How do you modify the web.config appSettings at runtime?
  9. Disable browser’s back button
  10. How to implement multiple searching in jqGrid
  11. ASP.NET Server does not process pages asynchronously
  12. How to add ASP.NET 4.0 as Application Pool on IIS 7, Windows 7
  13. Using VirtualPathProvider to load ASP.NET MVC views from DLLs
  14. How should I perform a long-running task in ASP.NET 4?
  15. Chrome localhost cookie not being set
  16. IIS7 Overrides customErrors when setting Response.StatusCode?
  17. Can we use multiple forms in a web page?
  18. Difference between and ?
  19. X-Frame-Options Allow-From multiple domains
  20. MVC 5 Access Claims Identity User Data
  21. Is there a way to programmatically determine if a font file has a specific Unicode Glyph?
  22. Entity Framework: how to solve “FOREIGN KEY constraint may cause cycles or multiple cascade paths”?
  23. Escape quote in web.config connection string
  24. Wcf-The maximum message size quota for incoming messages (65536) has been exceeded?
  25. The transaction manager has disabled its support for remote/network transactions
  26. What is crossdomain.xml file?
  27. How can I get a MAC address from an HTTP request?
  28. MSBuild Script and VS2010 publish apply Web.config Transform
  29. How do I crop the contents of an Iframe to show a part of a page?
  30. How to disable submit behaviour of asp:ImageButton?

Leave a Comment