Form hanging with X-Frame-Options issue

  • I have the plugin installed on my website (mystartupsherpa.com — currently in maintenance mode) and have it linked to my mautic installation (outreach.mystartupsherpa.com). Using the short code I am able to embed a form on the site. When I press submit, the form hangs (though it does submit to mautic) and the following error shows up in the console: Refused to display 'https://my-mautic-instance.com/form/submit?formId=1' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.

    Any help would be appreciated. I have attempted to modify the .htaccess file on my mautic instance based on some threads on various forums and have yet to find something that works.

Viewing 6 replies - 1 through 6 (of 6 total)

  • where are you hosted?

    I determined that my servers NGINX clickjacking protection was adding that header. Once I turned that off for the Mautic domain it started working just fine.

    Thread Starter mesafr7

    (@mesafr7)

    A2 hosting

    Plugin Author shulard

    (@shulard)

    Hello !

    Have you authorized your Mautic CORS to whitelist your website ? Which version of Mautic are you using ?

    You can check the CORS settings at https://mauticinstance.com/s/config/edit in the “CORS Settings” section. Not sure it’s related to the the frame management…

    I’ve checked the headers returned by your “/form/submit?formId=1” and it disallow frame embedding. If you can’t find any strange settings on the Mautic side, you must check your webserver configuration…

    • This reply was modified 4 years, 4 months ago by shulard.
    • This reply was modified 4 years, 4 months ago by shulard.
    Thread Starter mesafr7

    (@mesafr7)

    Hi @shulard I am using the most recent version (3.0.1) and do have the websites I am using added into CORS. Can you help point me in the right direction in terms of what needs to be configured differently on my server? I am currently running Mautic on A2 hosting.

    Plugin Author shulard

    (@shulard)

    Hello,

    I don’t know A2 hosting but there is 2 cases :

    * You are using a shared server -> Maybe check in the different configuration panel if you find something related to HTTP headers ;
    * You have installed (or know who installed) the server -> You must check the webserver configuration (Nginx, Apache, Caddy…) if there is any mention of the X-Frame-Options header.

    By the way, using that header is not a bad thing it’s just incompatible with the Mautic behaviour… If you don’t find any relevant details here, maybe you can ask some help on the Mautic community slack.

    Thread Starter mesafr7

    (@mesafr7)

    Ok, thank you @shulard

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Form hanging with X-Frame-Options issue’ is closed to new replies.