ERR_BLOCKED_BY_RESPONSE error in joomla 4.0.2 Topic is solved

[vladmor2012]

Hello!
The problem with the module "Wrapper" in joomla 4.0.2. Doesn't display the site's subdomain. Throws ERR_BLOCKED_BY_RESPONSE error.
How to get rid of this? This was not the case in joomla 3.10.0.
Sincerely, Vladimir.

[vladmor2012]

The issue has been resolved. In the plugin "System - HTTP Headers" disabled "X-Frame-Options".
Found the answer on the forum: https://mb4.ru/en/forum/joomla/3578-upr ... mla-4.html.

[vladmor2012]

Hello!
How can you solve the problem without disabling the "X-Frame-Options"? I would like to leave this protection. Tried adding in .htaccess: X-Frame-Options allow-from https://www.example.com/. Nothing works.
Sincerely, Vladimir.

[shoulders]

Hi

ALLOW-FROM uri no longer works

• This is an obsolete directive that no longer works in modern browsers. Don't use it.
• https://developer.mozilla.org/en-US/doc ... me-Options

This is some example code that works you might be able to get doing what you want

Code: Select all

# Conditional X-Frame-Options for iFrame Embedding Control
<If "%{HTTP_REFERER} == 'https://www.sita.com/' || %{HTTP_REFERER} == 'https://www.siteb.com/'">
    <IfModule mod_headers.c>
        Header always unset X-Frame-Options
    </IfModule>
</If>
<Else>
    <IfModule mod_headers.c>
        Header always append X-Frame-Options SAMEORIGIN
    </IfModule>
</Else>

• The Else section is optional.
• The always variable is like CSS !important
• Some plugins will enable X-Frame-Options SAMEORIGIN on all pages (Joomla 4 ?/ Wordpress W3C Total Cache) so in this case the Else statment is not needed
• You could add other checks into If statements or use other Apache variables, you are not limited to the ones i have used and these statements can be nested.
• This goes in your .htaccess
• You dont have to disable any Joomla options for this to work.

Hope this helps

shoulders