Refused to display X in frame even if there are headers: ALLOW-FROM https://accounts.google.com/*
I have an angular-js app that is hosted by the app (I can host it using gulp)
It has index.html and I want it to be called gapi
to connect the current user and ask him to oauth for permissions.
<!DOCTYPE html>
<html>
<head>
<script src="//apis.google.com/js/client.js?onload=handleClientLoad"></script>
</head>
<body ng-app="promptoWeb" ng-cloak layout="column" layout-fill="" style="height:100%">
However, when I receive index.html
, I see this error in the developer console:
: 3000 / #! /: 1 Rejected for display ' https://accounts.google.com/o/oauth2/auth?client_id=505822449425-e01arfrf92 ... res __% 2Fam% 3DkQ% 2Frt% 3Dj% 2Fd% 3D1 % 2Frs% 3DAGLTcCOUIXKgKDwlapCiIqRNkMcHmGTEjw 'in the frame because he set "X-Frame-Options" to "sameorigin".
cb=gapi.loaded_0:559 GET https://accounts.google.com/o/oauth2/auth?client_id=505822449425-e01arfrf92…res__%2Fam%3DkQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOUIXKgKDwlapCiIqRNkMcHmGTEjw net::ERR_BLOCKED_BY_RESPONSE
bx @ cb=gapi.loaded_0:559
(anonymous) @ cb=gapi.loaded_0:570
(anonymous) @ cb=gapi.loaded_0:568
(anonymous) @ cb=gapi.loaded_0:551
g @ cb=gapi.loaded_0:101
c @ cb=gapi.loaded_0:97
VM2548:1 GET https://content-issuetracker.corp.googleapis.com/$discovery/rest?pp=0&field…ds%5B%22methods%22%5D%2Cfields%5B%22batchPath%22%5D%2Cfields%5B%22id%22%5D 403 ()
(anonymous) @ VM2548:1
zu @ cb=gapi.loaded_0:130
n @ cb=gapi.loaded_0:130
Cu @ cb=gapi.loaded_0:131
(anonymous) @ cb=gapi.loaded_0:131
g @ cb=gapi.loaded_0:87
c @ cb=gapi.loaded_0:83
VM2548:1 GET https://content-issuetracker.corp.googleapis.com/$discovery/rest?pp=0&field…ds%5B%22methods%22%5D%2Cfields%5B%22batchPath%22%5D%2Cfields%5B%22id%22%5D 403 ()
Why am I getting this? as iJetty adds these headers:
X-Frame-Options:ALLOW-FROM https://accounts.google.com/*
source to share
No one has answered this question yet
Check out similar questions: