Hi there!
I’ve done some searching and the only thing I could find that might solve my problem is this: http://ellislab.com/forums/viewthread/174798/
However, my problem seems slightly different.
I’m building a simple facebook app where people can sign up, post photos and vote on other people’s photos. Super straight forward.
The user goes through a couple of steps. Each step has its own EE template, like step_1, step_2 and so forth.
These steps work perfectly fine inside the FB tab (which is just an iframe). However, step_3 contains a safecracker form and this is where things go wrong. When a user clicks the “continue” button in step_2, to proceed to step_3, the iframe is not reloaded and the console says the following:
Refused to display 'https://subdomain.testlocation.com/index.php/start/step_3?continue=yes' in a frame because it set 'X-Frame-Options' to 'SameOrigin'.Details that might also be interesting is that in step_2, there is a Solspace User register form and this works without any trouble.
It migh have to do with the third bullet on this EE changelog: http://ellislab.com/expressionengine/user-guide/about/changelog.html#version-2-5-4, which says:
Added X-Frame-Options header to deny attempts at iframing the Control Panel.
I’m guessing that perhaps SafeCracker is basically rendering a piece of the CP in the front end?
Any ideas? Greatly appreciated :D Thanks a lot in advance.
EE v2.6.1 - Build Date: 20130506