Recently I had a problem with my
. I wasn’t aware that it’s related to Caddy - the initial thought was that something went wrong with the SSL certificate. But I was wrong. The message was pretty “platonic”
In ancient times, when youtube was born, we didn’t have a VIDEO tag. We used to have Flash. To play video on the website, we had to convert it to weird Flash video format, leave mp4 for safety and hope that everything would work fine. Later on, when HTML5 became an industry standard, our lives became much easier.
In theory, VIDEO tag solves all our issues. When the browser can handle webm (Chrome family) we play webm.
There is a website, with iframe. I frame source is correct, but won’t display content of the website. No visible errors. There only small detail in the console:
Load denied by X-Frame-Options: https://... does not permit cross-origin framing.
Some crazy admin figure out that it’s going to be better… and put some crazy code into headers:
X-Frame-Options: SAMEORIGINX-XSS-Protection: 1; mode=blockX-Content-Type-Options: nosniff
Solution: talk to the hand, because admin won’t listen ;P