Forum Discussion

Nimbostratus

Apr 02, 2015

Apply APM to an iFrame - The content cannot be display in Frame

Hi, We have an application and when you click a button, it makes a call to another virtual server and opens the windows in a iFrame. When we apply our APM policy, it runs through specific c...

BIG-IP Access Policy Manager (APM)

Employee

Apr 02, 2015

Hi Nick,

This is by design to protect against Clickjacking. We insert the X-Frame-Options header in the server response and set it to DENY.

https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options

https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_SheetDefending_with_X-Frame-Options_Response_Headers

You should be able to remove the header or modify it with an iRule if needed.

Regards,

Seth

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Apply APM to an iFrame - The content cannot be display in Frame

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

Applying APM on an iframe

Displaying Application Study Tool (AST) Dashboards in Your Own Grafana Instance

Layer 7 Content Routing in F5 XC

Service Extensions with SSL Orchestrator User Coaching of AI Related Content

DevCentral Content Highlights

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS