Hi, 

I am having issues with X-Frame-Options exempt. I keep getting the same 
Chrome error:

“Refused to display 'https://www.google.com/' in a frame because it set 
'X-Frame-Options' to 'sameorigin'.”

In my application I have performed the following combination of actions and 
still have the error:

   1. Removed X-frame middleware setting: 
   2. Changed X-frame Options:
   3. Utilized decorator @xframe_options_exempt
   4. Although I am looking to use this in a template, I also tested the iframe 
   directly in HttpResponse 


*Settings.py*

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',

]

X_FRAME_OPTIONS = 'ALLOWALL'

 

*Views.py*

from django.shortcuts import render
from django.http import HttpResponse
from django.views.decorators.clickjacking import xframe_options_exempt

# The decorator exempts only this view's own response from Django's
# X-Frame-Options header.
@xframe_options_exempt
def index(request):
    return HttpResponse(
        '<div id="sourceframe"><iframe id="4" src="https://www.google.com/" '
        'width="100%" height="100%"></iframe></div>'
    )

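As an added example (not part of the original post, and not Django or browser code): a simplified Python model of the framing check that Chrome reports in the error quoted above. It shows that the decision depends only on the headers of the framed response, which X_FRAME_OPTIONS and @xframe_options_exempt in the embedding project do not touch; the localhost URL and the header dictionaries are constructed sample data.

```python
from urllib.parse import urlsplit

def origin(url):
    """(scheme, host, port) triple that browsers compare for same-origin checks."""
    p = urlsplit(url)
    return (p.scheme, p.hostname, p.port or {"http": 80, "https": 443}.get(p.scheme))

def frame_allowed(parent_url, framed_url, framed_headers):
    """Simplified model of the browser's framing check (one level of nesting).

    Only the headers of the FRAMED response are consulted; nothing the
    embedding page sends about itself takes part in the decision.
    """
    headers = {k.lower(): v for k, v in framed_headers.items()}
    same = origin(parent_url) == origin(framed_url)

    # CSP frame-ancestors, when present, takes precedence over X-Frame-Options.
    for directive in headers.get("content-security-policy", "").split(";"):
        tokens = directive.split()
        if tokens and tokens[0].lower() == "frame-ancestors":
            sources = [t.lower() for t in tokens[1:]]
            if sources == ["'none'"] or not sources:
                return False
            if "'self'" in sources and same:
                return True
            # Only exact origins are modelled here, not wildcards or bare schemes.
            return any(origin(s) == origin(parent_url) for s in sources if "://" in s)

    xfo = headers.get("x-frame-options", "").strip().upper()
    if xfo == "DENY":
        return False
    if xfo == "SAMEORIGIN":
        return same
    return True  # header absent or value unrecognised (e.g. ALLOWALL): ignored

# Constructed sample data; the localhost URL for the Django view is an assumption.
DJANGO_PAGE = "http://localhost:8000/"
DJANGO_HEADERS = {}  # exempt view: Django adds no X-Frame-Options header
GOOGLE_PAGE = "https://www.google.com/"
GOOGLE_HEADERS = {"X-Frame-Options": "SAMEORIGIN"}  # value from the Chrome error

if __name__ == "__main__":
    print("Django page framing google.com:", frame_allowed(DJANGO_PAGE, GOOGLE_PAGE, GOOGLE_HEADERS))
    print("Other site framing the Django view:", frame_allowed("https://example.org/", DJANGO_PAGE, DJANGO_HEADERS))
```

The exemption decorator and the X_FRAME_OPTIONS setting change only the second result, that is, who may frame the Django view itself.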