Refused to display in an frame because it set 'X-Frame-Options' to 'SAMEORIGIN'

Question

FOllowing the video and sample code from https://developers.google.com/drive/web/quickstart/quickstart-js to upload any file from local system to google drve i was

Answer 1

I don't know if this is still relevant, i got the same error loading a google docs in an iframe. After stripping the page of everything i had, removing the doctype solved my issue. After this i found out there was a parameter ?embedded=true which allowed me to load it in a fancybox, which looks nicer anyway. Hope it helps any1, sorry if it's not relevant for you.

Answer 2

The browswer sequrity is nonsense since Google Realtime API is intended to work with default security.

I received this error when supplied clientId = 'garbage'. Indeed, your client_id=<AIzaSyDa2kGIMQCLdfzk looks like garbage. Correct client_id shoud look like '1088706429537-4oqhqr7o826ditbok23sll1rund1jim1.apps.googleusercontent.com'

Answer 3

I faced the below issue while loading the PDF document into iframe from google drive.

Problem: Refused to display 'https://drive.google.com/file/d/1ipnylkWoSx4NS0GtmsQVFUq7ms339DAW/view' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Reason: As per my analysis, I faced this issue due to the URL is not considering as embedded to allow loading from other websites.

Solution: I did even tried with the solution of adding ?embedded=true to the URL but still no luck. Then I got one solution from https://support.google.com/drive/thread/34363118?hl=en and replaced the view with preview in my URL and problem solved.

https://drive.google.com/file/d/1ipnylkWoSx4NS0GtmsQVFUq7ms339DAW/preview

Answer 4

This is not related to disabling security in chrome browser. I believe there might me some issues with my XAMPP Windows local host.Deploying the same application in node.js server or hosting Dropbox/Google Drive as a web app also works fine.