@ryan.murray
To override the Same Origin Policy in a web browser for an iframe on the same domain, you can use the X-Frame-Options header. You can set this header to allow embedding the same domain in an iframe by setting it to "SAMEORIGIN" or "ALLOW-FROM".
Here's how you can do it:
1
|
Header always set X-Frame-Options "SAMEORIGIN" |
1
|
header("X-Frame-Options: SAMEORIGIN"); |
1
|
<meta http-equiv="Content-Security-Policy" content="frame-ancestors 'self'"> |
By setting the X-Frame-Options header or using the Content-Security-Policy header, you can allow embedding the same domain in an iframe and bypass the Same Origin Policy restriction.