How to remove X-Frame-Options: SAMEORIGIN" from WordPress?
-
17-04-2021 - |
题
I want to temporarily remove X-Frame-Options: SAMEORIGIN
and need to allow all domains.
I have already tried the following ways.
Removing
send_frame_options_header
from./wp-includes/default-filters.php
remove_action('login_init', 'send_frame_options_header');
Removing
@header( ‘X-Frame-Options: SAMEORIGIN’ );
from/wp-includes/functions.php
None of the above doesn't work.
PS: I don't use any security plugin either.
解决方案
Check this question How does wordpress restrict X-FRAME to sameorigin?.
The questioner's issue was resolved by modifying his site's .htaccess file by adding the below line to it as his Web Host set the X-Frame-Option.
Header always unset X-Frame-Options
You can check if that works for you.