User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:72.0) Gecko/20100101 Firefox/72.0 Steps to reproduce: Updated Firefox Nightly to 72.0a1 (2019-11-01) (64-bit). Surfed to https://www.bonnieradvocaten.nl/bereikbaarheid This site has Google Maps Embedded in the webpage and uses the: "x-frame-options: sameorigin" header set. Actual results: The Embedded Google Maps portion of the page (https://www.bonnieradvocaten.nl/bereikbaarheid) shows the following error: =========================================================================== Blocked by X-Frame-Options Policy An error occurred during a connection to maps.google.com. Nightly prevented this page from loading in this context because the page has an X-Frame-Options policy that disallows it. ========================================================================== Expected results: As far as i know, and: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options seems to confirm this, the "x-frame-options: sameorigin" should prevent other pages from loading "www.bonnieradvocaten.nl" within a iframe. Setting the header should not prevent maps.google.com from loading from within the page as it currently does.
Bug 1593321 Comment 0 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:72.0) Gecko/20100101 Firefox/72.0 Steps to reproduce: Updated Firefox Nightly to 72.0a1 (2019-11-01) (64-bit). Surfed to https://www.bonnieradvocaten.nl/bereikbaarheid This site has Google Maps Embedded in the webpage and uses the: "x-frame-options: sameorigin" header set. Actual results: The Embedded Google Maps portion of the page (https://www.bonnieradvocaten.nl/bereikbaarheid) shows the following error: ``` Blocked by X-Frame-Options Policy An error occurred during a connection to maps.google.com. Nightly prevented this page from loading in this context because the page has an X-Frame-Options policy that disallows it. ``` Expected results: As far as i know, and: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options seems to confirm this, the "x-frame-options: sameorigin" should prevent other pages from loading "www.bonnieradvocaten.nl" within a iframe. Setting the header should not prevent maps.google.com from loading from within the page as it currently does.