After update to MVC 5, iframe no longer works

Question

I updated my project MVC version to 5 and now iFrame does not load, I get this error:

Load denied by X-Frame-Options: www.blahblah.com does not permit cross

Answer 1

Assuming your IFrame content is being served by your MVC app...

You might need to include a response header that permits cross origin requests:

Access-Control-Allow-Origin: *

Answer 2

I finally found the answer. Starting with MVC 5 Microsoft decided to set SAMEORIGIN in there by default. The best way I found to turn this tag off is by writing the following in the Global.asax.cs

protected void Application_Start()
{
//Bundles and stuff are here
AntiForgeryConfig.SuppressXFrameOptionsHeader = true;
}