I think the problem here is Google doesn't want to be embedded and there isn't much you can do about it. If you can test it by replacing Google's URL with another one that works, then I think you proved your code is good.
On Monday, November 1, 2021 at 8:53:52 AM UTC-4 [email protected] wrote: > Hi, > > I am having issues with X-frame options exempt. I keep getting the same > chrome error: > > “Refused to display 'https://www.google.com/' in a frame because it set > 'X-Frame-Options' to 'sameorigin'.” > > In my application I have performed the following combination of actions > and still have the error : > > 1. Removed X-frame middleware setting: > 2. Changed X-frame Options: > 3. Utilized decorator @xframe_options_exempt > 4. Although I am looking to use this in a template, I also tested > Iframe directly in HTTPResponse > > > *Settings.py* > > MIDDLEWARE = [ > 'django.middleware.security.SecurityMiddleware', > 'django.contrib.sessions.middleware.SessionMiddleware', > 'django.middleware.common.CommonMiddleware', > 'django.middleware.csrf.CsrfViewMiddleware', > 'django.contrib.auth.middleware.AuthenticationMiddleware', > 'django.contrib.messages.middleware.MessageMiddleware', > > ] > > X_FRAME_OPTIONS = 'ALLOWALL' > > > > *Views.py* > > from django.shortcuts import render > from django.http import HttpResponse > from django.views.decorators.clickjacking import xframe_options_exempt > > @xframe_options_exempt > def index(request): > return HttpResponse('<div id = "sourceframe"><iframe id = "4" src = " > https://www.google.com/"; width = "100%" height = "100%"></iframe></div>') > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/8f4861ae-9441-4dec-a7da-92f2e18a3ca6n%40googlegroups.com.
