Forum Discussion

Nimbostratus

Apr 02, 2015

Apply APM to an iFrame - The content cannot be display in Frame

Hi, We have an application and when you click a button, it makes a call to another virtual server and opens the windows in a iFrame. When we apply our APM policy, it runs through specific c...

BIG-IP Access Policy Manager (APM)

Employee

Apr 02, 2015

Hi Nick,

This is by design to protect against Clickjacking. We insert the X-Frame-Options header in the server response and set it to DENY.

https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options

https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_SheetDefending_with_X-Frame-Options_Response_Headers

You should be able to remove the header or modify it with an iRule if needed.

Regards,

Seth

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Apply APM to an iFrame - The content cannot be display in Frame

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Applying APM on an iframe

DevCentral Content Highlights

Layer 7 Content Routing in F5 XC

Public IP address display

This DevCentral Content has been Archived or Deleted

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS