Disable x-frame-options in MVC3 or IIS 7.5

https://stackoverflow.com/questions/23085306

asp.net
iis
iframe
web-config
x-frame-options

04-07-2023
|

Question

I want to disable x-frame-options in my website, I want that no other website can show my webpages in their web pages using iframes. My website is made in ASP.net MVC3 and hosted in IIS 7.5.

Solution

There are a bunch of ways to go about this. But one of the easiest is adding <customHeaders> section to the web.config and it will append that header to each request.

<configuration>
   <system.webServer>
      <httpProtocol>
         <customHeaders>
            <add name="X-Frame-Options" value="DENY" />
         </customHeaders>
      </httpProtocol>
   </system.webServer>
</configuration>

Licensed under: CC-BY-SA with attribution

Not affiliated with StackOverflow