Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Source code for "Ignore X-Frame headers" chrome extension; see https://chrome.google.com/webstore/detail/ignore-x-frame-headers/gleekbfjekiniecknbkamfmkohkpodhe
chrome.webRequest.onHeadersReceived.addListener(
function (details) {
for (var i = 0; i < details.responseHeaders.length; ++i) {
if (details.responseHeaders[i].name.toLowerCase() == 'x-frame-options') {
details.responseHeaders.splice(i, 1);
return {
responseHeaders: details.responseHeaders
};
}
}
}, {
urls: ["<all_urls>"]
}, ["blocking", "responseHeaders"]);
{
"background": {
"scripts": [ "background.js" ]
},
"description": "Drops X-Frame-Options HTTP response headers, allowing all pages to be iframed.",
"key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDysh7qP/8H9qUMb0R9BZbk2NDirtNgRyo9AEh9C5HFcoMELEzJ/M/sCqn/yDM/Z7GK3t+w02zCeTBknLEUwgFL9kRxVV4s1kfgbijVHTSJkII6OjqiWDPkDeyMJ1oOr156Rct2bp2MAwOf0Tk1bm2UdwNbJxoE5sQFd2Hbu+WFxQIDAQAB",
"manifest_version": 2,
"name": "Ignore X-Frame headers",
"permissions": [ "webRequest", "webRequestBlocking", "\u003Call_urls>" ],
"update_url": "http://clients2.google.com/service/update2/crx",
"version": "1.0"
}
@videmort

This comment has been minimized.

Copy link

@videmort videmort commented May 14, 2015

¿How I can use in one website to insert this script to enable one iframe?

@techsin

This comment has been minimized.

Copy link

@techsin techsin commented Jul 5, 2015

Do tou know about documentation, in there i see that it only takes handlers and not last two parameters like object and an array

@rhew

This comment has been minimized.

Copy link

@rhew rhew commented Sep 10, 2015

Hi Alex.

Thank you for this extension, it helped me make a nice presentation with sites in iframes. I made a minor change that strips multiple x-frame-headers. Feel free to pick it up and include it (I cant find a way to make a pull request against a gist).

https://gist.github.com/rhew/9ffa6d4b1b23b162b6ab#file-background-js

Thanks again,
James

@lingyanmeng

This comment has been minimized.

Copy link

@lingyanmeng lingyanmeng commented Nov 8, 2016

It works like a charm. Thanks a lot.

@SonicACCEL

This comment has been minimized.

Copy link

@SonicACCEL SonicACCEL commented May 10, 2017

Is there any way to "Ignore X-Frame Headers" when using CrossWalk Project? I would like to use IFRAME of various content sources within my CrossWalk powered application.

@tpass9161

This comment has been minimized.

Copy link

@tpass9161 tpass9161 commented Aug 18, 2017

HII , Can you please provide mi stepwise guide how to add this code into normal html file like..index.html which contain frame
it will be great help

@hoangnguyenbkict

This comment has been minimized.

Copy link

@hoangnguyenbkict hoangnguyenbkict commented Nov 28, 2019

how i can do you import file manifest.json

@ShamiliPrabu

This comment has been minimized.

Copy link

@ShamiliPrabu ShamiliPrabu commented Aug 26, 2020

This doesn't help in case of running headless.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.