Allow x-framing of secure checkout page in Woocommerce

  • bizzle1236

    (@bizzle1236)


    7 years, 6 months ago

    I am trying to allow a call center to x-frame the store below so they can process customer orders using their system. The checkout page loads blank currently due I believe to x-framing being forbidden as default (with the header set for x-framing to DENY).

    I believe the best option is potentially to allow the call centre’s IP addresses to x-frame the site (and the secure checkout page) but using ALLOW-FROM xxx doesn’t seem to work with IP addresses (only domains) and results in a server error.

    Has anyone else been able to to x-frame their woocommerce store, especially to allow call centres to integration with it?

    Store – http://www.bodymassageshop.com

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support D Smith a11n

    (@dsmithweb)

    Automattic Happiness Engineer

    7 years, 6 months ago

    Have you tried modifying your .htaccess file?

    http://stackoverflow.com/questions/17092154/x-frame-options-on-apache

    Also note that ALLOW-FROM isn’t supported by all browsers

    Thread Starter bizzle1236

    (@bizzle1236)

    7 years, 6 months ago

    Hi there, I have tried modifying the file, yes. The problem lies in that I understand the only allowed values for setting the Xframe header value are DENY (out of the box it’s deny I beleive), SAMEORIGIN (allow your domain to frame only) and ALLOW-FROM, where you can specify a domain. If I try to specify allow an IP address, it results in a server error, perhaps because you can’t do that. The application framing the store is an application, not a browser, used by the call centre which complicated things so I only have IP addresses to allow.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Allow x-framing of secure checkout page in Woocommerce’ is closed to new replies.

Tags