Oracle Access Manager (OAM) Authentication Flow Displays A Blank Page And An Error "Load denied by X-Frame-Options ..."
(Doc ID 2927730.1)
Last updated on FEBRUARY 15, 2023
Applies to:Oracle Access Manager - Version 220.127.116.11.220113 and later
Information in this document applies to any platform.
Access an iframe where one of the defined elements is an OAM protected resource. This results in another webpage with-in the parent page, which is blank and with below error:
- Works in 18.104.22.168.x
- Works in 22.214.171.124. x up to BP 09
- Does not work with 126.96.36.199.220113 BP10
- Does not work when setting the following directives at OHS level but does not work:
- Header always set Content-Security-Policy "frame-ancestors 'self' 'hostname.domain';"
- Header always set Access-Control-Allow-Origin "hostname.domain"
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document