-2

I'm having a very strange issue with my Facebook like button. When i'm logged into Facebook.. everything works fine.

When I click the button when i'm not logged in, my like button actually tries to load www.facebook.com inside of the like button through an iframe.

This gives an error stating

facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

I have tried updating the code to the newest javascript (in testing) and other types of configurations, with no luck.

Here is my page to see this happening: https://www.infinitesweeps.com/sweepstakes/roundup/

<div class="fb-like" data-href="https://www.infinitesweeps.com/sweepstakes/roundup/" data-width="335" data-layout="standard" data-action="like" data-size="large" data-share="true"></div>
<script>
loadScript("https://connect.facebook.net/en_US/sdk.js#xfbml=1&appId=176508242428601&version=v8.0&cookie=1");
</script>

Nothing really fancy..

Do you see anything wrong?

Improve this question
7
  • This isn't a code issue. The error is telling you what's wrong: Your server has the X-Frame-Options header set to DENY. Either you need to change it to SAMEORIGIN or have your Hosting Provider update this for you.
    – maiorano84
    Commented Jun 22 at 1:26
  • @maiorano84 it's not their server giving the X-Frame-Options response, but Facebook's.
    – CBroe
    Commented Jun 24 at 6:15
  • @CBroe No, that's not how that works. The output comes from one's own server configuration, because that's how iframes and X-Frame-Options work together. When you set that particular header on your own server, then all frames will be denied and prevented from loading by the browser. While the header is a server-side concern, the error itself is a client-side issue.
    – maiorano84
    Commented Jun 24 at 22:07
  • @maiorano84 Facebook are the one here saying, that their plugin must not be displayed framed on other sites.
    – CBroe
    Commented Jun 25 at 5:51
  • @CBroe Ok? And did you read the error that OP had mentioned? Clearly there is an iframe element that's being prevented by the browser due to server response headers. If the Connect Script is loading it in as an iframe, then obviously the response headers that prevent cross-origin frames will get in the way of the browser attempting to load them. It's not complicated, I'm not sure what you're trying to argue here.
    – maiorano84
    Commented Jun 25 at 6:29
Related questions
11
Facebook like button error - blocked frame
3
Facebook like button is not showing
1
Facebook Like button 404 error for connect.facebook.net/en_US/all.js
Load 5 more related questions Show fewer related questions

0

Reset to default

Browse other questions tagged or ask your own question.