I have a pool of videos in my own server and another company is providing me the geoloc service in a video player that they developed. The problem is that I'm trying to load a simple iframe of my provider just like this:
<iframe src="http://myvideoplayerprovider.com/videos/198" width="620px" height="360px" frameborder="0"></iframe>
The iframe with the video shows up without a problem in Chrome and Safari. However in Firefox the console is giving me this error and is not showing anything on the browser:
Load denied by X-Frame-Options: https://www.mydomain.com/ does not permit framing by http://subdomain.mydomain.com/gala8-foo/.
I have tried X-Frame-Options in my htaccess without a success and also this php line and nothing changed:
<? header('X-Frame-Options: GOFORIT'); ?>
Another ideas?
add this to web.xml for (both) applications
<context-param>
<description>Security precaution to prevent clickjacking: bust frames if the ancestor window domain(protocol, host, and port) and the frame domain are different. Another options for this parameter are always and never.</description>
<param-name>org.apache.myfaces.trinidad.security.FRAME_BUSTING</param-name>
<param-value>never</param-value>
</context-param>