Site twitter cards not showing
Quote from Aussie on June 6, 2019, 11:57 amAdding a link to a site that has twitter cards causes the card to go outside the post area and be blank.
Someone added this link on my forum and it doesn’t work:
https://classicpress.net/blog/2019/03/19/meet-the-community-andy-towler/
I see it doesn’t work here either. Sometimes you need to refresh the page a couple of times to see the effect, or you just see the link – with no card.
It seems to be tied to embedding. The link gets added as an embedded item.
Just saw this using the browser inspector:
Refused to display ‘https://www.classicpress.net/blog/2019/03/19/meet-the-community-andy-towler/embed/#?secret=YLSfZZNaak’ in a frame because it set ‘X-Frame-Options’ to ‘sameorigin’.
Have you any idea why this is happening?
Adding a link to a site that has twitter cards causes the card to go outside the post area and be blank.
Someone added this link on my forum and it doesn’t work:
I see it doesn’t work here either. Sometimes you need to refresh the page a couple of times to see the effect, or you just see the link – with no card.
It seems to be tied to embedding. The link gets added as an embedded item.
Just saw this using the browser inspector:
Refused to display ‘https://www.classicpress.net/blog/2019/03/19/meet-the-community-andy-towler/embed/#?secret=YLSfZZNaak’ in a frame because it set ‘X-Frame-Options’ to ‘sameorigin’.
Have you any idea why this is happening?
Quote from Asgaros on June 6, 2019, 1:59 pmHello @aussie
This is caused by the configuration of the websites content you want to embed. I will quote the relevant part from the following StackOverflow question:
https://stackoverflow.com/questions/27358966/how-to-set-x-frame-options-on-iframe
You can’t set X-Frame-Options on the iframe. That is a response header set by the domain from which you are requesting the resource. They have set the header to SAMEORIGIN in this case, which means that they have disallowed loading of the resource in an iframe outside of their domain. For more information see The X-Frame-Options response header on MDN.
Hello @aussie
This is caused by the configuration of the websites content you want to embed. I will quote the relevant part from the following StackOverflow question:
https://stackoverflow.com/questions/27358966/how-to-set-x-frame-options-on-iframe
You can’t set X-Frame-Options on the iframe. That is a response header set by the domain from which you are requesting the resource. They have set the header to SAMEORIGIN in this case, which means that they have disallowed loading of the resource in an iframe outside of their domain. For more information see The X-Frame-Options response header on MDN.
Quote from Aussie on June 6, 2019, 2:16 pm@asgaros
Thanks for the quick reply. Don’t understand it, except the fact it is the website’s fault.
Explains why some links are not embedded automatically on my forum, and some are. Even ones that have twitter cards are not necessarily embedded and no cards show.
Will stop worrying now and let things work the way they want.
Thanks for the quick reply. Don’t understand it, except the fact it is the website’s fault.
Explains why some links are not embedded automatically on my forum, and some are. Even ones that have twitter cards are not necessarily embedded and no cards show.
Will stop worrying now and let things work the way they want.
Quote from Asgaros on June 6, 2019, 3:02 pmHello @aussie
Basically the header tells other websites, that they are not allowed to embed any of its content if they dont belong to the same domain.
Because your website X tries to embed content from website Y – which sends the SAMEORIGIN value – your website X is not allowed to embed content from Y because it does not belong to the same origin. Actually its nothing which you can change/fix by yourself.
Hello @aussie
Basically the header tells other websites, that they are not allowed to embed any of its content if they dont belong to the same domain.
Because your website X tries to embed content from website Y – which sends the SAMEORIGIN value – your website X is not allowed to embed content from Y because it does not belong to the same origin. Actually its nothing which you can change/fix by yourself.
Quote from Aussie on June 6, 2019, 3:25 pmThanks. I sort of got the gist of it from your link. It’s the other website saying, “No!”
Makes sense to me.
Thanks. I sort of got the gist of it from your link. It’s the other website saying, “No!”
Makes sense to me.