Hi Andreas,
> Here is the complete error message shown in a browser(frame)window when i
> try to open Squirrelmail in a Portal(iframe):
> "This content may not be displayed in a frame.
> To protect the information you entered on this website, the publisher of
> this content has prohibited to display the content in a frame.
> Possible approach:
> Open this content in a new window"
>
> I had a look at the file functions/page_header.php and modified the
> following line
> header('X-Frame-Options: SAMEORIGIN');
>
> First i comment out //header('X-Frame-Options: SAMEORIGIN'); --- same
> error
> message as written above
> Then i set it to: header('X-Frame-Options: '); --- also the error message
> appears
> After that i set: header('X-Frame-Options: _parent'); --- same error
> Finally i set it to: header('X-Frame-Options: false'); --- same error
A quick Search in Google showed this page:
https://developer.mozilla.org/en/The_X-FRAME-OPTIONS_response_header
If you are on the same site (what only you know), SAMEORIGIN is the right
thing. If not you should skip this header line completely and have a look
at the source in your browser if maybe apache adds the line by itself.
Roland.
> This values didnt work. Is there something else i have to modify?
> Or have i to modify something else, like the value for $frame_top in the
> config/config.php ?
>
> Thanks in advance.
>
> -----Ursprüngliche Nachricht-----
> Von: kwadronaut [mailto:kwadronaut@xxxxxxxxxxx]
> Gesendet: Dienstag, 7. Februar 2012 10:40
> An: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx
> Betreff: Re: Squirrelmail in an iFrame (portal)
>
>
> On 07/02/12 09:48, Andreas Cieslak wrote:
>> Any advices for the values?
>> I tried to comment out, to set to false, to leave it blank and to set
>> to _parent Or is there something else i should set in the config.php
>> for $frame_top ?
>
> I like Tofu when we're talking about culinary subjects, not here. Before
> subscribing, you were supposed to have read the posting guidelines:
> http://squirrelmail.org/docs/admin/admin-12.html#ss12.3
>
>> -----Ursprüngliche Nachricht-----
>>
>> I'm sure you can take the time to show the exact error message if
>> you'd like us to take the time to give you free help.
>
> If people *do* take the time to help you, the least you could do in a
> follow-up message is give an answer to such remarks.
>>
>>> Is there a switch in the SM configuration to prevent this security
>>> issue?
>>>
>>> Or a plugin?
>>>
>>> Any ideas?
>>
>> Look at the X-Frame-Options header in functions/page_header.php
> Did you look at that? Or did you look somewhere else in that file?
>
------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
