1

I have an iframe issue with the Chrome browser. In http://bulbanner.cf has the following iframe code:

<iframe src="http://bulbanner.cf/script.html" width=468 height=60 marginwidth=0 marginheight=0 hspace=0 vspace=0 frameborder=0 scrolling="no" title="BulBanner - banner exchange"></iframe>

When you paste the code in another website, 468x60 sized banners are starting to visualize, because in the http://bulbanner.cf/script.html page has a rotator which shows random 468x60 sized banners. Shortly, something like this:

With Firefox everything is fine, but with Chrome very often the iframe doesn't work. Look the result with Chrome:

I think this is a security issue from Chrome browser, however is there any way to resolve it?
I have rights to change the iframe code or I can put some code in the http://bulbanner.cf/script.html page which is visualizing via the above mentioned iframe.

Heretic Monkey
  • 11,687
  • 7
  • 53
  • 122
engpro
  • 11
  • 2
  • Can you hover over the error icon in Chrome? What does it say? – x43 Jan 03 '21 at 18:29
  • Read here a bit https://github.com/davidjbradshaw/iframe-resizer/issues/327 – ptts Jan 03 '21 at 18:40
  • Your website does not have HTTPS, so your iframe cannot be used on HTTPS sites, for security reasons. Get an SSL certificate, no one is using HTTP in 2021 – blex Jan 03 '21 at 18:40
  • @x43 Nothing says. It can't be clicked. It is just showing a sad emoticon, which is with 468x60 size: https://i.imgur.com/k3lS2k5.png – engpro Jan 03 '21 at 18:54
  • @blex How to get an SSL certificate and is it possible to get it with free hosting and domaint (freenom + infinityfree hosting)? – engpro Jan 03 '21 at 18:54
  • [Let's encrypt](https://letsencrypt.org/) provides SSL certificates for free, I use it on my domains – blex Jan 03 '21 at 18:57

1 Answers1

1

In this case the X-Frame-Origin header is generated by Google’s support page. So you can’t change that. The website you want to make an iFrame has a .htaccess code that blocks iFrame request. Like if you insert this code Header set X-Frame-Options DENY to your website’s .htaccess then any iFrame requests will be blocked.

Amir BenAmara
  • 676
  • 7
  • 12
  • Yes, I have a .htaccess file in the site. Can I make something with this file in order to fix the problem ? – engpro Jan 04 '21 at 12:01
  • you can find the answer here : [link]https://stackoverflow.com/questions/5881139/how-to-block-iframe-call [link]https://serverfault.com/questions/854461/apache-config-allow-iframes-only-for-a-specific-directory – Amir BenAmara Jan 04 '21 at 12:09
  • lol I am fixed it :) The problem is in the .htaccess file. I just moved the http://bulbanner.cf/script.html file (which is in the iframe code) in another hosting company where don't have .htaccess . It looks working for now :) – engpro Jan 04 '21 at 17:48