I have an icefaces fileupload module: <ace:fileEntry (...)/>. After I upload the file, a popup used to appear with an <ice:inputSecret (...)/> but recently (I don't know why) it fails to show the popup, because the backed state is not refreshed in the browser. After navigating to another page and back, the popup is visible.
There are two JS errors in the Firebug console:
First error:
Load denied by X-Frame-Options: http://localhost:8080/appname/index.xhtml does not permit framing.
Second error:
Error: Permission denied to access property 'document' i.contentWindow.document
I know these two errors are telling the same, but the iframe which is causing this seems to be generated by icefaces as a sibling to the password popup. The naming of it is also related to the naming of the popup. Though, the second error is thrown inside this function:
ice.ace.fileentry = {
iframeLoaded : function(context, id) { //(...)
What should I do?
So, it turned out, that a few days ago someone implemented a security filter, which was set up in the web.xml.
This filter added a header like so: response.setHeader("X-Frame-Options", "DENY"); instead of DENY, we needed to use SAMEORIGIN.