Dear sequence server development team,
I am currently trying to incorporate sequence server to our genome portal and display it using the iframe feature, while it refused to display in chrome and firefox and only works on IE. The error message I got from chrome is:
Refused to display ‘http://bio-tripal-cdc.bioinformatics.csiro.au:8080/’ in a frame because it set ‘X-Frame-Options’ to ‘SAMEORIGIN’. I couldn’t find anything related with this “X-Frame-Options” coded in sequenceserver. I tried a number of solutions from Internet, but none of them worked.
I am wondering whether you have already come across this kind of problem and look for your valuable suggestions.
That’s correct. We don’t add X-Frame-Options. It’s done by Sinatra, through the Rack::Protection extension.
Based on http://stackoverflow.com/a/7841082 could you try adding
set :protection, :except => :frame_options
to routes.rb after line 11 (https://github.com/yannickwurm/sequenceserver/blob/master/lib/sequenceserver/routes.rb#L11) and see if that works for you? We will make it a part of source code if it works for you.
I have created a GitHub issue to track this - https://github.com/yannickwurm/sequenceserver/issues/179. If you are on GitHub, perhaps we can continue it there?
Thank you very much for the help. It works now by adding your suggested codes to routes.rb after line 11 in both Chrome and Firefox.
Cool. Thanks. We will make sure this is included in an upcoming minor release.