◆ [Date updated: 2022/05/08(Sun) 17:50:50]
■visiting ayashii from the frames menu on heyuri.net doesn't work for me anymore, not sure why... (´ー`)
│
└■User: kaguya
│Not sure why either (;´Д`)
│
└■https://support.mozilla.org/en-US/kb/xframe-neterror-page?as=u&utm_source=inproduct
│
│"If you see this error, it is usually caused by a misconfigured website
│that is trying to display another website without the consent of its
│owner."
│
│"Websites can use x-frame options or a content security policy to
│control if other websites may embed them on their own pages. This is an
│important security feature to prevent clickjacking, which is an attack
│that allows malicious sites to trick users into clicking links on a
│site."
│
│Basically, something with the board's configuration has changed that
│is blocking other sites from embedding it. It's a security protection,
│but... the secure web is boring! (;´Д`)
│
│I suspect line 706 in index.php/bbs.php is the culprit:
│
│ function sethttpheader() {
│ header('Content-Type: text/html; charset=UTF-8');
│ header("X-XSS-Protection: 1; mode=block");
│ header('X-FRAME-OPTIONS:DENY');
│ }
│
│Try commenting out the X-FRAME-OPTIONS line, and if it still doesn't
│work after that, the X-XSS-Protection line (that one should be fine
│though)
│
└■User: kaguya
THX , it properly works now (゚ー`)
Return