Chrome v60.x not working with X-Frame-options SAMEORIGIN

[srinivas vallap]

I have an application deployed in WebLogic and the requests are proxied from Apache. Until Chrome Version 59, the X-Frame Options was working fine in Chrome and all other browsers.

My app uses an iframe of a bank to add credit/debit card details to the wallet on my app and now after upgrading to the Chrome v60, the iframe is no longer working and chrome throws an error saying that it detected X-FramesOptions SAMEORIGIN and the request is not rendered. While the same app works fine on all other browsers.

Please help what configuration do I need to make in APache to get this working.

[PhistucK]

This is the wrong group. Please, use stackoverflow.com for web development issues.

☆PhistucK

--
You received this message because you are subscribed to the Google Groups "Google Chrome Developer Tools" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-chrome-developer-tools+unsub...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-chrome-developer-tools/8f69c726-db5a-4352-a3c6-87606a5e390e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[fabiolade...@gmail.com]

Hello,

We experienced the same issue last week in Chrome but on our ecommerce Magento website. We had to enable a security setting in the configurations to fix it but this setting is supposed to be Disabled per Magento security guidelines. 

I am trying to look online to see if there's anything about a change in Chrome v60 that caused this but I haven't found anything. Did you get an answer from stackoverflow? Do you know what changed?

Thank you in advance,

[PhistucK]

This is probably a deliberate change.

https://www.chromestatus.com/features/4678102647046144

See the intent to ship thread (you can comment there) -

https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/fsDaKFqvU20

Again, this is not the right group for such issues. Please, do not continue this thread.

☆PhistucK

--

You received this message because you are subscribed to the Google Groups "Google Chrome Developer Tools" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-chrome-developer-tools+unsub...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/google-chrome-developer-tools/1765e91d-80a4-4ab9-9bfd-72cdeecd93f8%40googlegroups.com.