'X-Frame-Options' to 'SAMEORIGIN' issue on video cards

video
web
cards

#1

Hi I just created new cards which work flawlessly on the twitter apps … but not on the web !
I can see ‘X-Frame-Options’ to ‘SAMEORIGIN’ issues in the console

here’s a sample tweet: https://twitter.com/alexksso/status/702580708611481601 as you can see the vide is embedded but the iframe with the player will not load

any hints appreciated !


#2

This happens because the embed (https://www.actvt.com/edit/alexander-casassovici/sf-chinese-new-year-parade/67459bdc-b9e8-4cea-9261-f0da2bf860c9/share?autoplay=1&auto_play=true) sends the following header:

X-Frame-Options: SAMEORIGIN

This prohibits that Website to be embedded on any other site, except www.actvt.com

Check out the Mozilla documentation about that header here.


#3

Awesome,
I had the allow options updated but not the x-frame one - I guess I read too fast !
thanks for the pointer I fixed it and it now works !