You’re offline. This is a read only version of the page.
Hi All,
As I see it, current default settings is "X-Frame-Options: SAMEORIGIN" in power apps portals.
Is there any settings available to change the "X-Frame-Options" to allow some other URL to access through X-Frame ?
We have existing website hosted outside Azure and would like to integrate the power apps portal contents into that.
Thanks,
Aki
hi, this is not on the App Settings but on the Site Settings, open the Portal Management and navigate to the Site Settings entity
------------
If you like this post, give a Thumbs up. Where it solved your request, Mark it as a Solution to enable other users find it.
Hi there.
I have a similar problem.
I need to set up X-Frame-Options to SAMEORIGIN on my PowerApp Canvas.
I was not able to find the X-Frame-Options on the App settings. Is this option only available for web sites ?
Thanks Kris,
I didn't noticed the "Sync Configuration". Now it's taken in effect.
It becomes clear to me on this topic, so I take your comment as a solution.
For others to encounter the same issue, "ALLOW-FROM [my url] " can be set on admin portal, but chrome or safari are not accepting the configuration and users still not be able to see the i-framed contents. So, we need to leave the setting as blank if needed. But, should be aware that that may invoke click-jack vulnerability.
Hi @SunnyTokyo ,
Have you clicked "Sync Configuration" option within your Portal Editor to sync the configuration you made in your Portal Management?
Based on the configuration that you made, I think it is right. More details about configuring value for "HTTP/X-Frame-Options" setting in your Portal Management, please check the following article:
After you made some changes in your Portal Management, please edit your Portal, then click "Sync Configuration" option within your Portal, then click "Browse website" button again, to make the configuration take effect:
Best regards,
I found HTTP/X-Frame-Options on site settings in admin portal, and changed it as below;
SAMEORIGIN --> ALLOW-FROM [my url]
And checked them on Firefox and Chrome to see if iframe works,,, but it didn't work, unfortunately.
Share
Report
29
All responses (
Answers (
