panizzerameatco Posted February 19, 2022 Share Posted February 19, 2022 Thanks in advance, I am trying to make a site for a small local franchise, where the giant corporate website allows a free ship to store option... I would really like to "inject" this site into theirs, essentially keeping their header and logo on the page while shopping and ordering through the big corporate website. Is this possible? Thank you Link to comment
creedon Posted February 19, 2022 Share Posted February 19, 2022 (edited) I suggest exploring the use of a code block and an iframe tag. Edited September 12, 2022 by creedon panizzerameatco 1 Find my contributions useful? Please like, upvote, mark my answer as the best ( solution ), and see my profile. Thanks for your support! I am a Squarespace ( and other technological things ) consultant open for new projects. Link to comment
panizzerameatco Posted February 19, 2022 Author Share Posted February 19, 2022 creedon, thank you so much for the help, when i enter the iframe code, it gives a firefox cant display this page error for https://www.doitbest.com, any idea why that would happen? Link to comment
creedon Posted February 19, 2022 Share Posted February 19, 2022 I'm seeing the following error. Refused to display 'https://www.doitbest.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'. The means that doitbest have prevented the use of their site in an iframe unless the site making the request is in the same domain as theirs. Find my contributions useful? Please like, upvote, mark my answer as the best ( solution ), and see my profile. Thanks for your support! I am a Squarespace ( and other technological things ) consultant open for new projects. Link to comment
ricslator Posted September 12, 2022 Share Posted September 12, 2022 On 2/20/2022 at 1:13 AM, creedon said: in a frame because it set 'X-Frame-Options' to 'sameorigin'. X-Frame-Options is a header included in the response to the request to state if the domain requested will allow itself to be displayed within a frame. It has nothing to do with javascript or HTML, and cannot be changed by the originator of the request. You can't set X-Frame-Options on the iframe. That is a response header set by the domain from which you are requesting the resource . They have set the header to SAMEORIGIN in this case, which means that they have disallowed loading of the resource in an iframe outside of their domain. So you cannot embed their website into yours. Browsers when see that the response header contains X-Frame-Options: SAMEORIGIN, they check your domain and block the rendering of the <iframe>. It is a security measure to avoid clickjacking. Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment