Ignore X-Frame headers

Drops X-Frame-Options and Content-Security-Policy HTTP response headers, allowing all pages to be iframed.

Latest reviews

• (2020-08-26) Zachary Yaro: It prevents embedded sites from being blocked entirely, but AJAX requests from those sites still seem to be failing, so they do not work correctly within their frames.
• (2020-08-09) Tom Brickman: Working on a dashboard on local machine. Exactly what I need.
• (2020-07-24) Noel Bennett: Sadly, looks like as of Chrome version 84, it won't suppress the effects of the `content-security-policy` header.
• (2020-07-02) Tú Phạm Bảo: Thanks. It's very useful
• (2020-01-30) gaurang patel: As a developer I find it very useful plugin to test certain scenarios.
• (2020-01-09) VARA2: It Fixed the b11-pdc.enstage-sas.com refused to connect error..
• (2019-12-12) 极客青年: https://greasyfork.org/zh-CN/scripts/378131-%E5%BD%A9%E4%BA%91%E5%B0%8F%E8%AF%91 配合此插件食用真香
• (2019-10-17) Dario Trbović: This saved my life
• (2019-08-01) Parveen Bhadoo: Love It :)
• (2019-07-26) лох какойто: Как его удалить
• (2019-07-25) Mauk de Liagre Bohl: i can't remove this extension
• (2019-07-24) Nicolas Oliveira: impossivel excluir
• (2019-06-16) Billy Gee: Great extension for developers! I've been using it for a while now. It's not perfect tho, there are some websites that still won't load inside your iframes (like Facebook), but other that that works fine:) .
• (2019-06-05) Amir Harel: It is not working anymore...
• (2019-04-24) Jeff Mickey: Not working as of: Version 74.0.3729.108 (Official Build) (64-bit)
• (2019-04-12) 勿谈政治: It is nice to running.
• (2019-03-27) Awesome! Spent so much time googling around how to bypass the x-frame-option, no luck. This extension is a life saver!
• (2019-03-08) Qi Wang: 能用
• (2019-02-13) Worked perfectly fine until Google Chrome release v72. Doesn't work anymore :-(
• (2019-01-24) Bruno Belarmino de Queiroz: Perfect
• (2018-12-10) Marcus Tucker: It's a powerful but DANGEROUS extension with potentially disastrous consequences, especially in a corporate environment. It doesn't even have a simple toggle! To be safe it urgently needs a whitelist feature so that it can be selectively enabled only for certain sites rather than blanket enabled for EVERY website.
• (2018-10-12) Marco David Martinez: Save me a lot of time
• (2018-09-19) Swapneel Golapkar: It was very helpful for me
• (2018-08-29) Scott Langham: Need option on the icon to enable and disable it. Going into chrome's extensions page to do so each time is a pain.
• (2018-07-21) Matthijs Gałażyn: Without any whitelist mechanism this extension is dangerous to use.

Latest issues

• (2020-09-05, v:1.1.1) Nilsson Hsu: it dont work in intranet
  i install the extension on chrome ,its work , but after somedays the extension isnt work ,how can i use the extension in intranet?
• (2020-09-04, v:1.1.1) Charmes Perfumaria: atualizacao
  nao roda
• (2020-07-31, v:1.1.1) Ameya Bhakay: content-security-policy frame-ancestors 'self' doesn't work?
  Guillaume, thanks for this awesome extension, however I noticed this extension doesn't handle CSP's well? Try putting this https://www.macquarie.com.au/ site in an iFrame; doesn't work i.e. doesn't remove the CSP.
• (2020-07-03, v:1.1.1) VINOD KARKE: Could not move extension directory into profile.
  Could not move extension directory into profile. please support me
• (2020-07-03, v:1.1.1) VINOD KARKE: Could not move extension directory into profile.
  Could not move extension directory into profile. ha error yet ahe please support me
• (2020-05-20, v:1.1.1) Morten Holst Jensen: frame-ancestors 'self' not supported?
  Hi, I have been using the extension with great success for testing purposes, but the sites I suspect the site I am working with has changed implementation of frame-ancestors, because I am now getting the following error, even with the extension enable: Refused to frame 'https://[mainsite.com].com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' https://[external site.com]" Is the 'self' setting different from 'deny', in a way so it is not possible for the extension to override it? Is there something else I can do to override this? Tested in both new Edge and Chrome 80+ Thanks /Morten
• (2020-05-12, v:1.1.1) Daniel Lim: Stopped working?
  Hi, I cant get it to work. I know it did before. The same setup works in firefox with the equivalent extension.
• (2020-02-18, v:1.1.1) Chris Crotts: Security Settings
  I am actually trying to resolve a problem I have previewing PDFs on outlook.com. This extension fixed the problem in production, however, I really don't want to leave the extension on for normal browsing. Is there a list of security settings within Chrome that this extension disables so I can see which one is blocking my request? Any help would be great, Chris
• (2019-08-29, v:1.1) RONNY VON: CANCELamento
  DESEJO REMOVER O X-Frame- DO COMPUTADOR POR AO TECLAR "REMOVER DO GOOGLE CHROME" O MESMO NAO É DESATIVADO
• (2019-08-21, v:1.1) AVO: kaldıramama
  uzantıyı kaldramıyorum
• (2019-07-04, v:1.1) Tepeş: How to import it to my code?
  I'm making a html/js/css app, and want to include it to my app. How do i do? like <script></script> ??
• (2019-06-06, v:1.1) Vaibhav Gaikwad: Could a configuraiton to skip specific sites?
  Could a configuraiton be added to support x-frame-options to be skipped only for specific sites? Based on trust policies, the configuration can help to setup such rules
• (2019-05-16, v:1.1) MjolniR: how to ignore x-frame options using php code?
  i want to do this manually using php code.so can you suggest some solution.
• (2019-03-22, v:1.1) Craig Lindholm: Vivaldi Web Browser Partially working
  version 2.3.1440.61 (Stable channel) (32-bit) Works if I allow all sites. Doesn't work if I specify sites
• (2019-03-05, v:1.1) Rob Lindman: does not work in latest chrome
  I just updated to... Version 72.0.3626.121 (Official Build) (64-bit) ... Windows 10, and same version but .119 on Ubuntu. Refused to display 'https://worker.mturk.com/tasks' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
• (2019-03-04, v:1.1) Thomason1005: not working with local file on chrome v72
  i am using chrome 72.0.3626.121 on windows 10 and try to open the following html (local), but still get the same error as without plugin: "<!DOCTYPE html> <html> <head> <title>FrameTest</title> <meta charset="utf-8"> <meta name="viewport" content="initial-scale=1.0, user-scalable=no, width=device-width"> </head> <body style="padding:0;margin:0; overflow:hidden; background:black;"> <iframe src="http://www.google.com" style="width:100vw;height:56.25vw;border:0;"> </iframe> </body> </html>"
• (2019-02-14, v:1.1) Stopped working on Version 72.0.3626.109
  Hi Guillaume, first off, thanks for this handy extension. I recently upgraded my chrome version from v71 to v72, and sadly, this extension doesn't do it's magic anymore. Any plans of updating this extension?
• (2018-12-10, v:1.1) Marcus Tucker: Feature to selectively enable for specific sites is needed
  This extension has potentially disastrous consequences, especially in a corporate environment but it doesn't even have a simple toggle like most other extension have and using Chrome's own extension enable/disable mechanism is not convenient at all so will lead to security problems due to user error / forgetfulness. For this extension to be proactively safe it needs a whitelist feature so that it can be selectively enabled only for certain sites rather than blanket enabled for EVERY website.