Why won't my EE3 site show up in online Responsive Emulators?
How Do I?
Why won’t my EE3 site show up in online Responsive Emulators?
I want to make my site responsive, but it does not load into any of the online emulators I’ve found.
Even a base template with nothing in it but the “Hello World” code does not load. It seems to be something to do with using index.php. The html version of the same “Hello World” code loads fine.
See this work:
http://www.responsinator.com/?url=dev.ruralintelligence.com/test_bootstrap.html
But this doesn’t:
http://www.responsinator.com/?url=dev.ruralintelligence.com/index.php/Bootstrap_test
Even though it loads fine in any mobile device or PC browser.
http://dev.ruralintelligence.com/index.php/Bootstrap_test
Is it a security setting in EE stopping it in the interest of avoiding clickjacking?
I anticipated that Apache may be set to SAMEORIGIN and made the www.responsinator.com an allowed page via my .htaccess file there:
# Allows page to appear in an iFrame
Header append X-FRAME-OPTIONS "ALLOW-FROM http://www.responsinator.com"But no luck.
Any ideas?
Terry
Good news! I just found the answer - I had used “append” in my .htaccess file.
“set” is what I wanted.
# Allows page to appear in an iFrame
Header set X-FRAME-OPTIONS "ALLOW-FROM http://www.responsinator.com"This allows that page through.
I hope that is helpful to someone else encountering this problem.
Your server/host is likely setting Apache or other settings to “SAMEORIGIN” to avoid “Clickjacking” which is what took down Twitter a while ago. So, be selective in this way for what pages have this access.
Reference:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options_
https://geekflare.com/secure-apache-from-clickjacking-with-x-frame-options/_
http://stackoverflow.com/questions/5881139/how-to-block-iframe-call_ (Where I found “set” mentioned.)
Terry