Can't get wordpress admin section to load inside iframe

3 replies
I have a wordpress blog iframed into a facebook tab but cant seem to get any of the links to work in the admin bar.

The admin bar works fine when accessed directly on the site, but not through the iframe.

Is this normal, is there a fix?
#admin #iframe #inside #load #section #wordpress
  • Profile picture of the author tq
    Was it working before?

    Is it in draft? or published?

    Sometimes I have found this not to work in draft but after publish it is fine.
    {{ DiscussionBoard.errors[8195700].message }}
  • Profile picture of the author David V
    This is normal, it's a security precaution.

    By default WordPress sends an HTTP header to prevent iframe embedding.
    Example:
    Code:
    function send_frame_options_header() {
    	@header( 'X-Frame-Options: SAMEORIGIN' );
    }
    wp-includes/default-filters.php:

    Code:
    add_action( 'login_init', 'send_frame_options_header', 10, 0 );
    add_action( 'admin_init', 'send_frame_options_header', 10, 0 );
    You could disable these but it's a BAD IDEA as you'll open yourself up to clickjacking and some real security risks.
    Signature
    "David has managed the digital side of my retail business for over 8 yrs
    and I can't imagine working with anyone else. ~ Carrie Silva | TheDoghouseLLC
    "
    {{ DiscussionBoard.errors[8195873].message }}
    • Profile picture of the author webpeon
      Thanks David - Not ideal but good to know.

      Originally Posted by David V View Post

      This is normal, it's a security precaution.

      By default WordPress sends an HTTP header to prevent iframe embedding.
      Example:
      Code:
      function send_frame_options_header() {
      	@header( 'X-Frame-Options: SAMEORIGIN' );
      }
      wp-includes/default-filters.php:

      Code:
      add_action( 'login_init', 'send_frame_options_header', 10, 0 );
      add_action( 'admin_init', 'send_frame_options_header', 10, 0 );
      You could disable these but it's a BAD IDEA as you'll open yourself up to clickjacking and some real security risks.
      Signature
      Web 2 Mobile
      The Future of The Web
      {{ DiscussionBoard.errors[8197189].message }}

Trending Topics