extension ExtPose

Ignore X-Frame headers

CRX id


Description from extension meta

Drops X-Frame-Options and Content-Security-Policy HTTP response headers, allowing all pages to be iframed.

Image from store Ignore X-Frame headers
Description from store Should be used only temporarily and only for development, testing, or troubleshooting purposes because it disables important browser security mechanisms. No custom options or installation instructions: just install the extension and enable it on the relevant websites using the standard browser controls. Reference: * https://developer.mozilla.org/docs/Web/HTTP/Headers/X-Frame-Options * https://developer.mozilla.org/docs/Web/HTTP/Headers/Content-Security-Policy Source code: https://github.com/guilryder/chrome-extensions/tree/main/xframe_ignore

Latest reviews

  • (2021-08-16) lankybox justin: it was ok but you can do any batttles once you used a item giver
  • (2021-07-13) Alison Jonck: Really really useful! Thanks a lot!
  • (2021-04-24) T Sam: Love, love, love!!! Worked like a charm - thanks! :)
  • (2021-04-20) libra02: NO me funciona ,fue recomendada por el sito influencerpod.club para poder entrar en las Acciones que se puedes realizar manualmente dando likes ,follows y comentarios en las tres ventanas que salen de instagram y continuan bloqueando ,dare 5 cuando puedan debloquear eso
  • (2021-03-25) Amrdeep Singh Athwal: Works perfectly Really usefull for optimising shopify sites using google optimize. Hint maybe just set it to run on certain sites since it doesnt have a on or off switch
  • (2021-01-27) William José Cova Rondón: Muy pero muy súper esta extencion
  • (2020-12-28) airong yu: I have it!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  • (2020-12-20) Ethan Does Random Stuff: When I go onto Prodigy, I am stuck on the loading screen because of this extension. Please fix this!!!
  • (2020-12-16) Alessandro Belloni: recently it's not working anymore for some reason
  • (2020-12-04) Alex B.: I think this extension works really good, but if you need something else that will REALLY work is if you: 1.) Go to https://github.com/darkclown97/chrome-extn And download the zip and extract it. 2.) Go to chrome://extensions and turn on developer mode 3.) Click on "Load Unpacked" and select the folder you extracted from the zip you downloaded. 4.) Try it out!!!!
  • (2020-11-05) Suprxme: please make an option where we can enable and disable it without having to delete the extension and redownload it just to use it,this is all i want then it would get a 5 star and it would be PERFECT
  • (2020-10-24) IotToBlockchain: 能工作,但是只能显示登录界面,输入正确的用户名/密码后,不能登录进去,网页没变化
  • (2020-10-21) Sidhant Ghosh: tried to open a redirect with it on chrome,says has no access to that redirected site....thats why i downloaded this....dead end for me..plz help
  • (2020-09-21) Tyler hayz: it didnt work for me :(
  • (2020-08-26) Zachary Yaro: It prevents embedded sites from being blocked entirely, but AJAX requests from those sites still seem to be failing, so they do not work correctly within their frames.
  • (2020-08-09) Tom Brickman: Working on a dashboard on local machine. Exactly what I need.
  • (2020-07-24) Noel Bennett: Sadly, looks like as of Chrome version 84, it won't suppress the effects of the `content-security-policy` header.
  • (2020-07-02) Tú Phạm Bảo: Thanks. It's very useful
  • (2020-01-30) gaurang patel: As a developer I find it very useful plugin to test certain scenarios.
  • (2020-01-09) VARA2: It Fixed the b11-pdc.enstage-sas.com refused to connect error..
  • (2019-12-12) 极客青年: https://greasyfork.org/zh-CN/scripts/378131-%E5%BD%A9%E4%BA%91%E5%B0%8F%E8%AF%91 配合此插件食用真香
  • (2019-10-17) Dario Trbović: This saved my life
  • (2019-08-01) Parveen Bhadoo: Love It :)
  • (2019-07-26) Анюта Бешеная: Как его удалить
  • (2019-07-25) Mauk de Liagre Bohl: i can't remove this extension
  • (2019-07-24) Nicolas Oliveira: impossivel excluir
  • (2019-06-16) Billy Gee: Great extension for developers! I've been using it for a while now. It's not perfect tho, there are some websites that still won't load inside your iframes (like Facebook), but other that that works fine:) .
  • (2019-06-05) Amir Harel: It is not working anymore...
  • (2019-04-24) Jeff Mickey: Not working as of: Version 74.0.3729.108 (Official Build) (64-bit)
  • (2019-04-12) 浪遏飞舟: It is nice to running.
  • (2019-03-27) Awesome! Spent so much time googling around how to bypass the x-frame-option, no luck. This extension is a life saver!
  • (2019-03-08) Qi Wang: 能用
  • (2019-02-13) Worked perfectly fine until Google Chrome release v72. Doesn't work anymore :-(
  • (2019-01-24) Bruno Belarmino de Queiroz: Perfect
  • (2018-12-10) Marcus Tucker: It's a powerful but DANGEROUS extension with potentially disastrous consequences, especially in a corporate environment. It doesn't even have a simple toggle! To be safe it urgently needs a whitelist feature so that it can be selectively enabled only for certain sites rather than blanket enabled for EVERY website.
  • (2018-10-12) Marco David Martinez: Save me a lot of time
  • (2018-09-19) Swapneel Golapkar: It was very helpful for me
  • (2018-08-29) Scott Langham: Need option on the icon to enable and disable it. Going into chrome's extensions page to do so each time is a pain.
  • (2018-07-21) Matthijs Gałażyn: Without any whitelist mechanism this extension is dangerous to use.
  • (2018-04-27) GOKUL K: Helpful.
  • (2018-02-01) Melissa M B: it doesn't work!
  • (2018-01-09) John K: Simple and useful. Would be great if there was an option to enable/disable it from the menu, instead of enabling/disabling the extension itself.
  • (2017-12-22) Richard Wright: Allowed my custom intranet to be used by employees. It was a must as our helpdesk incorporates iframes to keep all employees within the same site for everything they need.
  • (2017-08-14) Валентин Жариков: Отличное приложение
  • (2017-07-26) William Le: Simple and works
  • (2017-07-07) It does what it says, but there is no way to turn the functionality off without disabling the entire extension.

Latest issues

  • (2021-11-05, v:1.1.2) Joemar Rabaja: Not active and greyed out on extention
    Hello when I install the plugin it is successfully installed but I think it is disabled as it is not working and when checking it is greyed out on the manage plugin.
  • (2021-04-16, v:1.1.2) Kimmo H.: Does not work with file URLs?
    Hi, i have issue that extension does not work with local file url. When using setting "On all sites", extension works fine with opened file (link like: file:///C:/Users/myself/Desktop/Testpage.html ). Works without option "Allow access to file URLs" being active. With setting "On click" and "Allow access to file URLs" set active does not work. Extension reports "Has access to this site" (after clicking). Reloaded page few times, no effect. Setting "On specific sites" does not allow file:/// type local links - please allow? Thanks for the plugin, it's very useful!
  • (2021-04-12, v:1.1.2) Damian Barrionuevo: Please enable Cookies and reload the page.
    I have the cookies activated but the poster does not go away.
  • (2021-03-25, v:1.1.2) Antwort Frankwort: Registry settings?
    Hi, Does this extension write sometime into registry so that we can fix the settings for our other accounts? BR
  • (2021-03-06, v:1.1.1) Miguel Angel García Chavez: Dont work in Chrome "Versión 89.0.4389.82"
    Hi, In Chrome Versión 89.0.4389.82, the plugin does not work. Can you help me please?
  • (2021-01-29, v:1.1.1) AY GMAIL: "On click" Option Is NOT Working
    Hi, The extension works fine when set to specific sites or all sites but does NOT work using the "On click" option. Clicking it refreshes the page but then iframe content doesn't load due to cross domain issue (X-Frame-Options set to sameorigin).
  • (2020-12-29, v:1.1.1) Rupesh Bari: sample code
    can you share me sample code in that we can do it without this extension
  • (2020-11-15, v:1.1.1) ScizzorCut Animations: wont let me log into math prodigy
    when i downloaded it and added it to chrome it wasnt letting me log into math prodigy. it was stuck at the loading screen for 30 minutes.
  • (2020-11-02, v:1.1.1) Yevgen Ko: How to use it?
    You probably all magicians here... there is no any option, instruction or help.. how to make it work?
  • (2020-09-25, v:1.1.1) frame-ancestors
    Sadly it can't strip frame-ancestors rules.
  • (2020-09-05, v:1.1.1) Nilsson Hsu: it dont work in intranet
    i install the extension on chrome ,its work , but after somedays the extension isnt work ,how can i use the extension in intranet?
  • (2020-09-04, v:1.1.1) Charmes Perfumaria: atualizacao
    nao roda
  • (2020-07-31, v:1.1.1) Ameya Bhakay: content-security-policy frame-ancestors 'self' doesn't work?
    Guillaume, thanks for this awesome extension, however I noticed this extension doesn't handle CSP's well? Try putting this https://www.macquarie.com.au/ site in an iFrame; doesn't work i.e. doesn't remove the CSP.
  • (2020-07-03, v:1.1.1) VINOD KARKE: Could not move extension directory into profile.
    Could not move extension directory into profile. please support me
  • (2020-07-03, v:1.1.1) VINOD KARKE: Could not move extension directory into profile.
    Could not move extension directory into profile. ha error yet ahe please support me
  • (2020-05-20, v:1.1.1) Morten Holst Jensen: frame-ancestors 'self' not supported?
    Hi, I have been using the extension with great success for testing purposes, but the sites I suspect the site I am working with has changed implementation of frame-ancestors, because I am now getting the following error, even with the extension enable: Refused to frame 'https://[mainsite.com].com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' https://[external site.com]" Is the 'self' setting different from 'deny', in a way so it is not possible for the extension to override it? Is there something else I can do to override this? Tested in both new Edge and Chrome 80+ Thanks /Morten
  • (2020-05-12, v:1.1.1) Daniel Lim: Stopped working?
    Hi, I cant get it to work. I know it did before. The same setup works in firefox with the equivalent extension.
  • (2020-02-18, v:1.1.1) Chris Crotts: Security Settings
    I am actually trying to resolve a problem I have previewing PDFs on outlook.com. This extension fixed the problem in production, however, I really don't want to leave the extension on for normal browsing. Is there a list of security settings within Chrome that this extension disables so I can see which one is blocking my request? Any help would be great, Chris
  • (2019-08-29, v:1.1) RONNY VON: CANCELamento
  • (2019-08-21, v:1.1) AVO: kaldıramama
    uzantıyı kaldramıyorum
  • (2019-07-04, v:1.1) Tepeş: How to import it to my code?
    I'm making a html/js/css app, and want to include it to my app. How do i do? like <script></script> ??
  • (2019-06-06, v:1.1) Vaibhav Gaikwad: Could a configuraiton to skip specific sites?
    Could a configuraiton be added to support x-frame-options to be skipped only for specific sites? Based on trust policies, the configuration can help to setup such rules
  • (2019-05-16, v:1.1) MjolniR: how to ignore x-frame options using php code?
    i want to do this manually using php code.so can you suggest some solution.
  • (2019-03-22, v:1.1) Craig Lindholm: Vivaldi Web Browser Partially working
    version 2.3.1440.61 (Stable channel) (32-bit) Works if I allow all sites. Doesn't work if I specify sites
  • (2019-03-05, v:1.1) Rob Lindman: does not work in latest chrome
    I just updated to... Version 72.0.3626.121 (Official Build) (64-bit) ... Windows 10, and same version but .119 on Ubuntu. Refused to display 'https://worker.mturk.com/tasks' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
  • (2019-03-04, v:1.1) Thomason1005: not working with local file on chrome v72
    i am using chrome 72.0.3626.121 on windows 10 and try to open the following html (local), but still get the same error as without plugin: "<!DOCTYPE html> <html> <head> <title>FrameTest</title> <meta charset="utf-8"> <meta name="viewport" content="initial-scale=1.0, user-scalable=no, width=device-width"> </head> <body style="padding:0;margin:0; overflow:hidden; background:black;"> <iframe src="http://www.google.com" style="width:100vw;height:56.25vw;border:0;"> </iframe> </body> </html>"
  • (2019-02-14, v:1.1) Stopped working on Version 72.0.3626.109
    Hi Guillaume, first off, thanks for this handy extension. I recently upgraded my chrome version from v71 to v72, and sadly, this extension doesn't do it's magic anymore. Any plans of updating this extension?
  • (2018-12-10, v:1.1) Marcus Tucker: Feature to selectively enable for specific sites is needed
    This extension has potentially disastrous consequences, especially in a corporate environment but it doesn't even have a simple toggle like most other extension have and using Chrome's own extension enable/disable mechanism is not convenient at all so will lead to security problems due to user error / forgetfulness. For this extension to be proactively safe it needs a whitelist feature so that it can be selectively enabled only for certain sites rather than blanket enabled for EVERY website.


200,000 history
4.3 (130 votes)
Last update / version
2021-03-16 / 1.1.2
Listing languages