Problems inserting chats using the 'allow-same-origin' option

wizone03 · May 14, 2023, 6:52pm

Even though I put “allow-same-origin” in the sandbox attribute of the HTML, I get the error “Refused to display ‘https://www.twitch.tv/’ in a frame because it set ‘X-Frame-Options’ to ‘sameorigin’.” An error occurs.

If I were to embed the chat in the normal way, I wouldn’t be able to use the “options for running the chat as a popup” like setting the dark mode, so I put the link “Twitch” in the src of the iframe instead of “Twitch”.

The SOP error popped up in the console window of the devtool, so I looked for the API documentation and realized that there was a sandbox option, so I put that in and got the same error.

To see if it was just a link issue, I tried putting in a normal link (Twitch) minus the parent=~~~ part, and got the same error (‘X-Frame-Options’ to ‘sameorigin’).

Is there a workaround for that error, or is it possible to embed the popup directly?

BarryCarlyon · May 14, 2023, 6:54pm

To embed chat please follow the embed chat documentation: Chat | Twitch Developers

You need to embed the embed, not the popup.

If still having issues please link to the page with the embed on that is not working.

wizone03 · May 14, 2023, 6:55pm

I’ve exhausted the embed options, so there’s no way to include a popup at all?
Why didn’t the +sandbox option work?

My code was like this

BarryCarlyon · May 14, 2023, 6:56pm

Only embedding the embed as documented is supported.

You can use darkpopout=1 to force dark mode on the chat embeds, otherwise user preference should apply/be recalled.

You can’t override the server.

The sandbox option tells your site what to allow on the embedded site if your site has restrictions.

if you specify more permissions that Twitch requests in the docs, that dones’t make Twitch apply/allow those extra perms

So you add allow-storage-access-by-user-activation allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox allow-modals

if you add more Twitch doesn’t add more it will ignore.

wizone03 · May 14, 2023, 7:01pm

If so, how should I use the https://dev.twitch.tv/docs/embed/chat/에서 Parameters-sandbox part?
There doesn’t seem to be any difference between using it and not using it, so am I using it wrong? Or is it not supported right now?

BarryCarlyon · May 14, 2023, 7:01pm

You got caught as I was editing revising.

wizone03 · May 14, 2023, 7:02pm

Oh I saw the revised answer late, thanks for the reply

BarryCarlyon · May 14, 2023, 7:02pm

Also from

https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe

sandbox
Applies extra restrictions to the content in the frame. The value of the attribute can either be empty to apply all restrictions, or space-separated tokens to lift particular restrictions:

But if you add more than Twitch needs, Twitch doesn’t honor/add the extra permissions, hence trying to override the X-Frame-Options does nada.

system · June 13, 2023, 7:03pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.