Setting the src of an iFrame with parameters causes X-Frame-Options 'SAMEORIGINS' error
I'm currently developing a website using angularjs for my client side and using Web API 2 for my server side.
Firstly, I'm attempting to embed an SSRS report into my website using an iframe. I can successfully embed the report whenever I supply the iframe src with the following (example) link:
http://EXAMPLE-LINK/reports/report/Test%20Upgrade/Line%20Control?rs:embed=true
And the image below is the report successfully loaded into the site (happy days):
Secondly, whenever I use the same link but this time supply it with parameters to populate the "Between" and "And" fields I'm getting the following console error:
The link I'm using that contains the parameters is detailed below:
Finally, how come when I supply the iframe src a link with parameters I'm getting the X-Frame-Options 'SAMEORIGIN' error? Ideally I want to supply the iframe src with the parameters otherwise I'm going to have to create multiple reports to fulfil the website functionality.
What can I do within my application to ignore / remove the X-Frame-Options 'SAMEORIGIN' header response? Do I need to add in some customHeader response into my web.config or is there a way I can remove the header during the startup of my web app?
So after trying to access the following link: http://EXAMPLE-LINK/reports/report/Test%20Upgrade/Line%20Control?&date1=01/03/2018&date2=04/04/2018?rs:embed=true within my browser URL I was presented with the following error:
So this lead me to believe that the link I was trying to pass to my iframe was in fact incorrect.
So I amended my link to follow the structure below which includes my parameters:
As you can see I pass the rs:embed=true tag before the parameters for the SSRS report and success! I'm now able to load in my iframe with the SSRS report parameters populated.
