I want to use this heroku app (spring boot) inside an iframe. https://sef-github-leaderboard.herokuapp.com/ but it doesn't work. it says refused to connect
. Here's the code.
<!DOCTYPE html>
<html>
<body>
<iframe src="https://sef-github-leaderboard.herokuapp.com/" title="Iframe Example" style="height:500px;width:100%;"></iframe>
</body>
</html>
If you open up devtools, click the Network tab, refresh the page, and click the first item in the waterfall, you'll find that the Content Security Policy header X-Frame-Options
is set to DENY
on the URL you are seeking to embed. This instructs the browser to disallow loading the page within an iframe
. To get around this, you would need to use a forward proxy to strip out the headers.