MVC5 automatically adds the HTTP header X-Frame-Options with SAMEORIGIN
. This prevents your site from being loaded into an iframe
.
But we can turn this off in Application_Start
in the Global.asax.cs
.
Example
protected void Application_Start()
{
AntiForgeryConfig.SuppressXFrameOptionsHeader = true;
}
Update
I have written a post about this MVC5 prevents your website being loaded in an IFRAME