Cross Domain/Origin (CORS) Error When Rendering Content Through AppLinkReady Event:" Load denied by X-Frame-Options: https://<host>.oraclecloud.com does not permit cross origin framing." (Doc ID 2478260.1)

Last updated on AUGUST 21, 2023

Applies to:

Content and Experience Cloud Service - Version 18.4.1 and later
Content and Experience Cloud - Version 18.4.1 and later
Content and Experience Cloud Classic - Version 18.4.1 and later
Information in this document applies to any platform.

Symptoms

We have an Oracle JCS SX application which we are using to embed secure content hosted in CEC. We are using the AppLinks functionality and then embedding through an iFrame by calling the AppLinks Ready event.

As our Oracle JCS environment is hosted on a different domain and identity console, we have enabled Cross-Origin Resource Sharing (CORS) on both CEC and within the Identity Console.

Although we have enabled CORS correctly, we are receiving the following error:

Changes

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Cross Domain/Origin (CORS) Error When Rendering Content Through AppLinkReady Event:" Load denied by X-Frame-Options: https://<host>.oraclecloud.com does not permit cross origin framing." (Doc ID 2478260.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!