Skip to content

Instantly share code, notes, and snippets.

Created June 17, 2014 13:45
  • Star 35 You must be signed in to star a gist
  • Fork 15 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save dergachev/e216b25d9a144914eae2 to your computer and use it in GitHub Desktop.
Source code for "Ignore X-Frame headers" chrome extension; see
function (details) {
for (var i = 0; i < details.responseHeaders.length; ++i) {
if (details.responseHeaders[i].name.toLowerCase() == 'x-frame-options') {
details.responseHeaders.splice(i, 1);
return {
responseHeaders: details.responseHeaders
}, {
urls: ["<all_urls>"]
}, ["blocking", "responseHeaders"]);
"background": {
"scripts": [ "background.js" ]
"description": "Drops X-Frame-Options HTTP response headers, allowing all pages to be iframed.",
"key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDysh7qP/8H9qUMb0R9BZbk2NDirtNgRyo9AEh9C5HFcoMELEzJ/M/sCqn/yDM/Z7GK3t+w02zCeTBknLEUwgFL9kRxVV4s1kfgbijVHTSJkII6OjqiWDPkDeyMJ1oOr156Rct2bp2MAwOf0Tk1bm2UdwNbJxoE5sQFd2Hbu+WFxQIDAQAB",
"manifest_version": 2,
"name": "Ignore X-Frame headers",
"permissions": [ "webRequest", "webRequestBlocking", "\u003Call_urls>" ],
"update_url": "",
"version": "1.0"
Copy link

phyr0s commented May 14, 2015

¿How I can use in one website to insert this script to enable one iframe?

Copy link

techsin commented Jul 5, 2015

Do tou know about documentation, in there i see that it only takes handlers and not last two parameters like object and an array

Copy link

rhew commented Sep 10, 2015

Hi Alex.

Thank you for this extension, it helped me make a nice presentation with sites in iframes. I made a minor change that strips multiple x-frame-headers. Feel free to pick it up and include it (I cant find a way to make a pull request against a gist).

Thanks again,

Copy link

It works like a charm. Thanks a lot.

Copy link

Is there any way to "Ignore X-Frame Headers" when using CrossWalk Project? I would like to use IFRAME of various content sources within my CrossWalk powered application.

Copy link

HII , Can you please provide mi stepwise guide how to add this code into normal html file like..index.html which contain frame
it will be great help

Copy link

how i can do you import file manifest.json

Copy link

This doesn't help in case of running headless.

Copy link

Hi I have a question about your implementation
is a chance that your code will be work when i run scripts via : npm run "scripts" command
it will automatically add ignore addon ?


Copy link

For me this no longer works since new permissions were added sometime in chrome. I have created an extension with the new permissions and some more things:

Copy link

Recommendations as the "Ignore X-Frame headers" Chrome extension author:

Copy link

Mkawad commented May 7, 2021

Hi all, i'm trying to config a new project with cypress and everything was good until i faced an issue which is :
every time i try to hit a url via cy.visit it stop with an error displayed as 404 even though the url is right
i read about this issue and kind of an issue with same origin policy i'm not sure
can anyone help me please with this issue ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment