2

I am unable to show https://login.salesforce.com inside an IFrame.

<iframe src="https://login.salesforce.com"/>

I am using OAuth between my application and salesforce. For the sake of a better user experience, I do not want the users to leave my application's main window.

Any suggestions?

Sample to demonstrate the issue - http://jsfiddle.net/ngWxY/

Ram Sundar
  • 73
  • 3
  • 5
  • Can you show your own login form that would simply submit to their page? (`
    ` etc). Form field names are `username` & `pw`.
     – eyescream Jan 22 '13 at 15:48
  • Got the same issue.. New update right ! https://success.salesforce.com/questionDetail?qid=a1X30000000fB3yEAE also mentions the same issue. Had to use their login form, and customize header/footer.. but lost our beautiful subdomain url and now have the ugly SF urls. Full details in this other page, looks like they are not planning to remove the frame breaker.. https://success.salesforce.com/questionDetail?qid=a1X30000000f9NwEAI – Maxime Feb 15 '13 at 20:12

1 Answers1

4

We've been using the SSP in an iFrame without a problem for years. Then this past weekend our Salesforce domain received the Spring '13 update and we can no longer display the SSP in an iFrame. We discovered the reason is that Salesforce is now including the X-Frame-Options: DENY header in its HTTP Response, which tells the browser not to display the content in an iFrame. Some browsers give you an explanation msg, while others show nothing at all. We are waiting for a response from Salesforce; perhaps you are experiencing the same thing? Browse the SSP login URL in a regular browser window and use diagnostic tools to check the response headers of the returned content.

josh3736
  • 139,160
  • 33
  • 216
  • 263
Irving Berlin
  • 41
  • 1