I'm having a very strange issue with my Facebook like button. When i'm logged into Facebook.. everything works fine.
When I click the button when i'm not logged in, my like button actually tries to load www.facebook.com inside of the like button through an iframe.
This gives an error stating
facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
I have tried updating the code to the newest javascript (in testing) and other types of configurations, with no luck.
Here is my page to see this happening: https://www.infinitesweeps.com/sweepstakes/roundup/
<div class="fb-like" data-href="https://www.infinitesweeps.com/sweepstakes/roundup/" data-width="335" data-layout="standard" data-action="like" data-size="large" data-share="true"></div>
<script>
loadScript("https://connect.facebook.net/en_US/sdk.js#xfbml=1&appId=176508242428601&version=v8.0&cookie=1");
</script>
Nothing really fancy..
Do you see anything wrong?
X-Frame-Options
header set toDENY
. Either you need to change it toSAMEORIGIN
or have your Hosting Provider update this for you.X-Frame-Options
work together. When you set that particular header on your own server, then all frames will be denied and prevented from loading by the browser. While the header is a server-side concern, the error itself is a client-side issue.