Issue - I want to embed in a iframe an owncloud folder. - Even changing the option X-Frame-Options in the htaccess file, doesn't solve the problem, keeps giving me an x-Frame-Options Sameorigin error.
Expected behaviour After changing the option Header set X-Frame-Options to "ALLOW-FROM http://display-website.de/", still not "allowing" this domain, or not making any change at all.
Actual behaviour I can't see the iframe in http://display-website.de/, throws me an error: Refused to display 'https://media.display-website.de/index.php/apps/files/' in a frame because it set 'X-Frame-Options' to 'Sameorigin'.
Server configuration Operating system: N/A Web server: Apache (Version N/A) Database: MYSQL PHP version: 7.0 (CGI) ownCloud version: ownCloud 9.1.0 (stable) Updated from an older ownCloud or fresh install: fresh install ownCloud log: this error it's not displaying in the log
Technical information
=====================
The following list covers which files have failed the integrity check. Please read
the previous linked documentation to learn more about the errors and how to fix
them.
Results
=======
- core
- INVALID_HASH
- .htaccess
Raw output
==========
Array
(
[core] => Array
(
[INVALID_HASH] => Array
(
[.htaccess] => Array
(
[expected] => ab5f4c44ba2f9c66f2ed25c3ad3d84660b2808cca11ffa8fe2778a648a054d8ada495a0bf4715dc873aac1efe8dfd92a72f9a24441d8f5240834e639325fd892
[current] => 5b86ad1ddee7a09ab9d7e52ef8f00e67d563fb1e55121e7538f9be80baa1cb8fa43f2e62707502627b1816c3aaf0866194c97a6c5500903535b05b28cf85a7b7
)
)
)
)
1/ Will I be able to embed an owncloud server if it is hosted in a sub domain, when the web site doing the embedding is in another sub domain but with the same domain name (ex. Can I embed owncloud.mywebsite2344234234.com in test.mywebsite2344234234.com without having issue with the sameorigin restriction ?)
If not
2/ Can I embed Owncloud in only one website (with one specific domain name - and no other website will be able to embed it) and how to ?
I consider your question as OT, and I don’t know what ‘this’ relates to. And dropping a OT question into an 2 years old thread doesn’t make any sense either.
To access files in ownCloud you have to use WebDAV, nothing else.
Not OT (Off Topic, right?)
I’m asking about the CORS stuff. (Access ‘this’ meaning the CORS code. Can you access the proper file to change CORS via an FTP client.
If you read the OP (that means Original Post for those wondering) you’d see that they were looking for a way to embed owncloud folder via Iframe. As am I.
If the topic is still relevant to someone what does it matter if you post 2 years later?
Forums are usually for getting answers from other users not attitude.