I am trying to embed SuiteCRM from another application running on a Webserver. Both our application and the SuiteCRM are located in different server with different private IP’s. When the iFrame is loading the following error occurs:
Load denied by X-Frame-Options: http://10.20.30 [....] does not permit cross-origin framing.
Is there any way to fix this? Or, how can I modify the X-Frame-Option of SuiteCRM
I can’t actually see anywhere that SuiteCRM adds the X-Frame-Options header so this is possible something that your webserver is adding. Configuring your web server is likely the best option.
If that’s not possible you can add the following:
header_remove('X-Frame-Options');
before any headers are sent. This can probably be done in an after_entry_point logic hook.