  • Dincer M. 35 posts 97 karma points
    Sep 21, 2017 @ 04:49
    Dincer M.
    0

    Load denied by X-Frame-Options: <URL> does not permit framing.

    Hi,

    We recently switched our Umbraco site to HTTPS, and now we cannot create anything in the back office, as we receive this error in the console:

    Load denied by X-Frame-Options:

    When I change the value of the "umbracoUseSSL" key from false to true in web.config, I cannot log in to the back office due to a "too many redirects" error.

    Is there any other way to solve this problem?

    Regards.

  • Sebastiaan Janssen 5045 posts 15476 karma points MVP admin hq
    Sep 21, 2017 @ 05:57
    Sebastiaan Janssen
    100

    I have a lot of tips about https in my blog post here: https://cultiv.nl/blog/so-you-want-to-secure-your-umbraco-site/

    For the first error you need to allow some iframes for certain locations (umbraco path).

    The redirects problem doesn't ring a bell directly but maybe the blog post will help you find the magical balance.

  • Dincer M. 35 posts 97 karma points
    Sep 21, 2017 @ 06:08
    Dincer M.
    0

    Hi Sebastiaan,

    Actually your article was the first thing I checked via Google search and made the 'umbracoUseSSL' change accordingly.

    For the first error you need to allow some iframes for certain locations (Umbraco path).

    I will read further about this suggestion now.

  • Dincer M. 35 posts 97 karma points
    Sep 21, 2017 @ 07:38
    Dincer M.
    1

    For the first error you need to allow some iframes for certain locations (Umbraco path).

    This was the solution for my problem.

    So, I changed the value of "umbracoUseSSL" key back to false, and added the following section to my web.config:

        <location path="umbraco">
          <system.webServer>
            <urlCompression doStaticCompression="false" doDynamicCompression="false" dynamicCompressionBeforeCache="false" />
            <httpProtocol>
              <customHeaders>
                <remove name="X-Frame-Options" />
                <add name="X-Frame-Options" value="SAMEORIGIN" />
                <remove name="Content-Security-Policy" />
                <add name="Content-Security-Policy" value="default-src 'self' www.gravatar.com player.vimeo.com *.vimeocdn.com packages.umbraco.org our.umbraco.org;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: www.gravatar.com umbraco.tv;font-src 'self';" />
              </customHeaders>
            </httpProtocol>
          </system.webServer>
        </location>

    Problem solved! Thank you very much, Sebastiaan.
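
An added example, not part of the thread or of Umbraco: a small Python audit that resolves the `<remove>`/`<add>` entries of the `umbraco` location and reports what the resulting headers permit. The function names are illustrative, and the `frame-ancestors` check goes one step beyond the thread's fix, since that directive is the CSP counterpart of X-Frame-Options and is not covered by `default-src`.

```python
import xml.etree.ElementTree as ET

# Added example. Input: the customHeaders posted in the thread (urlCompression omitted).
WEB_CONFIG = """<configuration><location path="umbraco"><system.webServer><httpProtocol>
<customHeaders>
  <remove name="X-Frame-Options" />
  <add name="X-Frame-Options" value="SAMEORIGIN" />
  <remove name="Content-Security-Policy" />
  <add name="Content-Security-Policy" value="default-src 'self' www.gravatar.com player.vimeo.com *.vimeocdn.com packages.umbraco.org our.umbraco.org;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: www.gravatar.com umbraco.tv;font-src 'self';" />
</customHeaders>
</httpProtocol></system.webServer></location></configuration>"""

def location_headers(xml_text, path):
    """Apply the <remove>/<add> entries of one <location> in document order."""
    headers = {}
    for loc in ET.fromstring(xml_text).iter("location"):
        if loc.get("path", "").lower() != path.lower():
            continue
        for entry in loc.findall(".//customHeaders/*"):
            name = entry.get("name", "").lower()
            if entry.tag == "remove":
                headers.pop(name, None)
            elif entry.tag == "add":
                headers[name] = entry.get("value", "")
    return headers

def parse_csp(value):
    """Split a CSP value into {directive: [sources]}; the first duplicate wins."""
    policy = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:
            policy.setdefault(tokens[0].lower(), tokens[1:])
    return policy

def audit(headers):
    """Return findings about framing and script restrictions for one header set."""
    findings = []
    if headers.get("x-frame-options", "").upper() not in ("DENY", "SAMEORIGIN"):
        findings.append("X-Frame-Options missing or not DENY/SAMEORIGIN")
    csp = parse_csp(headers.get("content-security-policy", ""))
    if "frame-ancestors" not in csp:
        findings.append("CSP has no frame-ancestors (default-src does not cover it)")
    for kw in ("'unsafe-inline'", "'unsafe-eval'"):
        if kw in csp.get("script-src", csp.get("default-src", [])):
            findings.append("script-src allows " + kw)
    return findings

if __name__ == "__main__":
    print("\n".join(audit(location_headers(WEB_CONFIG, "umbraco"))))
```
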
