EIN Presswire (
www.einpresswire.com/press-releases
) generates the following errors when I embed our club website:
1. Check headers
Header X-Frame-Options found.
The header ist set to DENY. This means the page cannot be included into an iframe.
Show the full header
Header for:
Neurodiverse.ToastmastersClubs.OrgHTTP/2
200
cache-control: max-age=0, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
pragma: no-cache
expires: 0
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding,User-Agent
x-frame-options: DENY
content-type: text/html; charset=utf-8
date: Tue, 24 Jan 2023 15:38:42 GMT
server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 mod_perl/2.0.7 Perl/v5.16.3
Check if a frame killer script is one the remote page. If you see the iframe below it works. If you click and you see the other page full screen a frame killer script does run and you cannot include the page.
2. Check frame killer script
Checked 15025 urls so far.A running frame killer script means that if you include the page into an iframe it automatically shows itself outside the iframe. See
en.wikipedia.org/wiki/Framekiller
or
www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet
for details.Please don't ask for any support to break any frame killer script because this is not legal in my opinion! Therefore I will also not include any iframe killer breaker into advanced iframe!V2.0 does now follow redirects and does provide much more details about the result. v2.0 is now also directly included into the plugin!
V3.0 does now check the CSP header also.Copyright © 2023 TinyWebGallery Blog.Omega WordPress Theme by
ThemeHall
