You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cordova.apache.org by "Nikita Matrosov (JIRA)" <ji...@apache.org> on 2017/04/07 10:46:41 UTC
[jira] [Commented] (CB-12464) InAppBrowser for browser does not
work with X-Frame-Options: DENY
[ https://issues.apache.org/jira/browse/CB-12464?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15960596#comment-15960596 ]
Nikita Matrosov commented on CB-12464:
--------------------------------------
[~joelrich], InAppBrowser plugin is implemented via iframe for browser platform. Could you please try to use {{_self}} as target for open URL (make sure that your URL is in white list).
> InAppBrowser for browser does not work with X-Frame-Options: DENY
> ------------------------------------------------------------------
>
> Key: CB-12464
> URL: https://issues.apache.org/jira/browse/CB-12464
> Project: Apache Cordova
> Issue Type: Bug
> Components: Browser, Plugin InAppBrowser
> Reporter: Joel Richard
>
> I am using cordova-plugin-inappbrowser 1.6.1 for an OAuth login page. Unfortunately, the login does not work with "phonegap serve" since it uses X-Frame-Options: DENY.
> I see two possible solutions:
> 1) window.open instead of iframe
> 2) Load everything in the InAppBrowser through a proxy and remove such headers (similar to the proxy which is used for CORS problems).
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org