Skip to content

Web Component extending IFrame to bypass X-Frame-Options: deny/sameorigin

License

Notifications You must be signed in to change notification settings

SpyC0der77/x-frame-bypass

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

X-Frame-Bypass

Published on webcomponents.org

X-Frame-Bypass is a Web Component, specifically a Customized Built-in Element, which extends an IFrame to bypass the X-Frame-Options: deny/sameorigin response header. Normally such headers prevent embedding a web page in an <iframe> element, but X-Frame-Bypass is using a CORS proxy to allow this.

Usage

  1. (Optional) Include the Custom Elements with Built-in Extends polyfill for Safari:

     <script src="https://unpkg.com/@ungap/custom-elements-builtin"></script>
    
  2. Include the X-Frame-Bypass JS module:

     <script type="module" src="https://unpkg.com/x-frame-bypass"></script>
    
  3. Insert the X-Frame-Bypass Custom Element:

     <iframe is="x-frame-bypass" src="https://example.org/"></iframe>
    

Demo

See the Hacker News using X-Frame-Bypass. Supported are current versions of Chrome and Firefox browsers. Edge and Safari do not support Customized Built-in Elements yet.

License

© 2019 Jerzy Głowacki under Apache License 2.0.

About

Web Component extending IFrame to bypass X-Frame-Options: deny/sameorigin

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 72.4%
  • HTML 27.6%