Answered

Issue while embedding link

  • 25 November 2020
  • 3 replies
  • 618 views

I am using Angular 6 , and when I tried to embed the below link

 

<iframe [src]='https://miro.com/app/board/o9J_ldxFWKw=/'></iframe>

 

I am getting the below error in console.

Refused to display 'https://miro.com/app/board/o9J_ldxFWKw=/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

 

any help would be highly appreciated.

icon

Best answer by Boris Borodyansky 25 November 2020, 13:04

Hi Manjula!

If you want to embed a single board, please use this user guide on how to do it: https://help.miro.com/hc/en-us/articles/360016335640-Embedding-Editable-Boards-into-Websites

If you want to build and actual integration, then please follow this developer guide: https://developers.miro.com/docs/embedding-boards

 

View original

3 replies

Userlevel 4
Badge +8

Hi Manjula!

If you want to embed a single board, please use this user guide on how to do it: https://help.miro.com/hc/en-us/articles/360016335640-Embedding-Editable-Boards-into-Websites

If you want to build and actual integration, then please follow this developer guide: https://developers.miro.com/docs/embedding-boards

 

Thanks a lot

Badge

X-Frame-Options is a header included in the response to the request to state if the domain requested will allow itself to be displayed within a frame. It has nothing to do with javascript or HTML, and cannot be changed by the originator of the request. You can't set X-Frame-Options on the iframe. That is a response header set by the domain from which you are requesting the resource . They have set the header to SAMEORIGIN in this case, which means that they have disallowed loading of the resource in an iframe outside of their domain. So you cannot embed their website into yours. Browsers when see that the response header contains X-Frame-Options: SAMEORIGIN, they check your domain and block the rendering of the <iframe>. It is a security measure to avoid clickjacking.

 

Reply