Some of the important features of the Allow X-Frame-Options addon are listed below. This is followed by an overview of this addon. This summary contains few words about the addon, its function, and its features. Next is FAQ, this section is useful to get information about how this addon works in your browser. If you couldn't find a specific answer, please fill the bug report form on this page or the contact form on the homepage to let us know about your question. Following the FAQ, is the bug report form. It is designed to collect user feedbacks and bugs about this addon. Users can suggest improvements or feature requests through this form too. The next section is for submitting comments about this addon which uses the Facebook comments plugin. The last section is dedicated to reports submitted through the GitHub website. We hope the information provided on this page, could help you get all the basics you need about this addon and enable you to have a better experience with Allow X-Frame-Options.
In short, Allow X-Frame-Options is a lite tool that lets you unblock the x-frame-options restriction on websites. The toolbar popup has an ON|OFF switch to enable or disable the extension.
4 Reasons to Use Allow X-Frame-Options
Very lite addon with no background activities.
Has ON|OFF switch to quickly turn the addon ON or OFF.
Activates on user-action for the current tab and a global mode for all websites.
Available for Chrome and Edge browsers on all operating systems.
This video gives you an idea of how the extension works in your browser.
Frequently Asked Questions
1. What is Allow X-Frame-Options?
Allow X-Frame-Options is a lite and multi-browser add-on that lets you remove the x-frame-options from the HTTP response header. When this header is present, iframes are not allowed to load within the page. When you need this feature on a website, please use this add-on. Once the addon is added to your browser, please open the toolbar popup and then click on the toggle button on the left side. When the addon is ON, all iframes (both same-origin and third-party) can load inside the page. To whitelist the current tab, please click on the - Add to whitelist - button. This addon works in two modes, global and per-tabs. In global mode, which is the default option, it works globally for all open tabs. Meaning, that when the addon is active, the x-frame-options header is removed for all open tabs. However, in this mode, you can whitelist a domain via the toolbar popup. On the other hand in per-tab mode, the addon is only working for the active tab. Therefore, for each tab, you need to open the toolbar popup, and activate the addon. Please note that for this mode, the whitelist feature is disabled.
2. How can I work with Allow X-Frame-Options addon?
To work with Allow X-Frame-Options add-on, simply open the toolbar popup and then click on the toggle button on the left side. When the addon is active, x-frame options is ignored for all websites. As mentioned above, this is the global mode. To work in per-tab mode, please option the options page and mark the corresponding option from the settings page. When the addon is in global mode, you can whitelist a domain from the toolbar popup. To do so, please open the toolbar popup and then click on the - Add to whitelist - button. Likewise, to remove the domain, click on the - Remove from whitelist - button.
3. How can I download the source code for Allow X-Frame-Options?
To download the source code for this extension from Chrome Web Store, it is recommended to use Extension Source Downloader. With this addon, you can download the source code as a ZIP or CRX format to your machine. If you want to download the source code from the Firefox addons store, please open the firefox download link (if available) in the Firefox browser and then right-click on the - Add to Firefox - button and select - Save Link As... - item. Choose the destination folder on your machine and then save the file in XPI format. You can then rename the XPI format to a RAR or ZIP file. Some extensions may have a GitHub repo address, which you can use to download the source code as well. But, it may not be the latest version of the addon. Therefore, downloading the source code from the official web stores is the best option as it always gives you the latest version of the addon.
4. What is the difference between global and per-tab modes?
In global mode, when the addon is active, the x-frame-options header is removed for all open tabs. But, you can whitelist a domain from the options page or toolbar popup. On the other hand, in per-tab mode, the addon is only working for specific tabs. To enable the add-on for a tab, please open the toolbar popup and then click on the toggle button on the left side. The x-frame-options header is ignored for this tab only. In this mode, the whitelist feature is not available.
5. How can I turn off the addon?
To turn off the addon, please press the toggle button on the toolbar popup.
6. How can I test this addon?
There is a test page provided to test whether the x-frame-options header is present or not. Please open the toolbar popup, then click on the top-right button to open the test page. Within the test page, you can see three fields with iframe, object, and embed elements. When the x-frame-options header is present, none of these elements should load. Now, activated the addon and reload the page. All these elements should load normally.
7. What is the X-Frame-Options HTTP header?
The X-Frame-Options HTTP response header is a security feature that can be used to indicate whether or not a browser should be allowed to render a page in a frame or iframe. This can be useful for preventing clickjacking attacks, which involve tricking a user into clicking on a page element that is invisible or obscured. The X-Frame-Options header can be used to prevent a page from being rendered in a frame or iframe unless it is being displayed on a page from the same domain. There are three possible values for the X-Frame-Options header: DENY, SAMEORIGIN, and ALLOW-FROM. The DENY value prevents a page from being rendered in a frame or iframe, the SAMEORIGIN value allows a page to be rendered in a frame or iframe only if it is being displayed on a page from the same domain, and the ALLOW-FROM value allows a page to be rendered in a frame or iframe only if it is being displayed on a page from a specific domain.
8. Can I work with addon in a blank tab?
No, the addon is only working on a website with HTTP, HTTPS, or File protocol. It is not working for blank, empty, or extension tabs.
Your feedback goes a long way towards making this addon even better. With this feedback and bug report form, you can report bugs or suggest features/enhancements for the functionality or performance of this addon. Please note that this form will be sent to the developer(s) of this addon. You will not get an immediate or personal response at the moment. However, the developer(s) may contact you through the email address provided in this form for further clarifications or to request additional information regarding the reported bug(s).
Reviews | Discussions
Please note: keep these reviews/discussions clean, and avoid the usage of derogatory or inappropriate language or terminology in references to individuals or groups based on race, national or ethnic origin, color, religion, age, gender, etc. Do not submit bugs in your reviews, use the above bug-report section instead. Also, never post any personal information in these reviews.