Creating a frame redirect causes Chrome to throw X-Frame-Options error

Question

Refused to display 'http://sotaexchange.cloudapp.net/' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.

I redirect my domain sotaexchange.com to a Discourse forum but get the above error. If I switch it to an HTTP redirect there is no problem. I assume the problem is because my redirected to domain has the same text as the original domain and looks like trickery - what can I do to prevent this?

Edit

I am opening a bounty to get a better answer. For more info, I am currently using Windows Azure to host the discourse site and redirecting from a few other domains that I own. I don't want to use an HTTP redirect, I would like to use the Frame redirect.

Answer 1

It looks like you are trying to mask the url of the forum. Why don't you use the cname feature? See cname on azure for more info.

Answer 2

The same origin policy requires that the document or script doing the accessing (the parent) have the same protocol , port, and domain as the resource it's accessing (the child).

If I understand correctly, you have a frame in a page on the domain sotaexchange.com, and it's trying to display content from the domain sotaexchange.cloudapp.net. This violates the same origin policy, and many browsers will reject it. A regular HTTP redirect should always be ok.