Ignore X-Frame headers
Item media 1 screenshot

Overview

Drops X-Frame-Options and Content-Security-Policy HTTP response headers, allowing all pages to be iframed.

Should be used only temporarily and only for development, testing, or troubleshooting purposes because it disables important browser security mechanisms. Use at your own risk. No custom options or installation instructions: just install the extension and enable it on the relevant websites using the standard browser controls. Reference: * https://developer.mozilla.org/docs/Web/HTTP/Headers/X-Frame-Options * https://developer.mozilla.org/docs/Web/HTTP/Headers/Content-Security-Policy Source code: https://github.com/guilryder/chrome-extensions/tree/main/xframe_ignore Release notes: v2.0.0: reimplemented with declarativeNetRequest and Manifest V3, no functional change v1.2.2: Chrome 89 permission fix v1.1.1: added icons

4.4 out of 5143 ratings

Google doesn't verify reviews. Learn more about results and reviews.

Review's profile picture

Vladislav TopFeb 6, 2024

it works!

Review's profile picture

think ProgressJan 14, 2024

Great app, fixing many issues in other apps.

Review's profile picture

Akshat JoshiDec 17, 2023

Damn!! This works!!!

Details

  • Version
    2.0.0
  • Updated
    November 27, 2023
  • Offered by
    Guillaume Ryder
  • Size
    7.6KiB
  • Languages
    English (United States)
  • Developer
    Email
    guillaume@ryder.fr
  • Non-trader
    This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

The developer has disclosed that it will not collect or use your data.

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes

Support

Related

Redirector

4.3(287)

Automatically redirect content based on user-defined rules.

Moesif Origin & CORS Changer

3.7(186)

This plugin allows you to send cross-domain requests. You can also override Request Origin and CORS headers.

Always Disable Content-Security-Policy

3.7(15)

Always Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

Requestly - Intercept, Modify & Mock HTTP Requests

4.4(1.1K)

The easiest way to Redirect URLs, Modify HTTP Headers, Mock APIs, Inject custom JS, Modify GraphQL Requests

iFrame Allow

3.8(29)

Ignores X-Frame-Options to allow iFrames for all web pages.

ignore X-Frame-Options

3.5(4)

解决谷歌等页面无法在iframe中引用的问题

Disable Content-Security-Policy

3.6(81)

Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

Allow X-Frame-Options

5.0(2)

Easily remove X-Frame-Options from the response header.

Contentsquare - CS Live

5.0(6)

Contentsquare - CS Live

HiFrame - The Hyper IFRAME extension!

4.1(9)

Allow any web page to be embedded as an iframe. Only local HTTP header manipulations. Compatible with modern web security standards.

ignore-x-frame-options

3.7(3)

ignore x-frame-options

Xframe Assassin

5.0(4)

Kills Content Security, Xframe, Sniffing headers. Unlocks the Internet. 10Mil+ users since 2004!

Redirector

4.3(287)

Automatically redirect content based on user-defined rules.

Moesif Origin & CORS Changer

3.7(186)

This plugin allows you to send cross-domain requests. You can also override Request Origin and CORS headers.

Always Disable Content-Security-Policy

3.7(15)

Always Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

Requestly - Intercept, Modify & Mock HTTP Requests

4.4(1.1K)

The easiest way to Redirect URLs, Modify HTTP Headers, Mock APIs, Inject custom JS, Modify GraphQL Requests

iFrame Allow

3.8(29)

Ignores X-Frame-Options to allow iFrames for all web pages.

ignore X-Frame-Options

3.5(4)

解决谷歌等页面无法在iframe中引用的问题

Disable Content-Security-Policy

3.6(81)

Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

Allow X-Frame-Options

5.0(2)

Easily remove X-Frame-Options from the response header.

Google apps