Inserting HTML code for a form

Hi,

I’m trying to insert HTML code generated by my document manager (Citrix ShareFile). The code is supposed to create a “Remote Upload Form” for my clients to submit their documents to me via my website. The code that ShareFile generated for me is attached. I tried typing it in here, but unfortunately it wouldn’t show as text so it was just blank. Now I’m wondering if it’s a problem with the code itself then…

Anyway, I’ve tried to insert it into the text area and also using raw content in Cornerstone. Unfortunately, the page is still turning up blank. Am I supposed to insert this code somewhere else? The webpage with the form is: https://www.elcorsolutions.com/tax-upload-page/

Thanks!

Hello There,

The code is correct and it is supposed to work in raw content element. The problem is that your server is not allowing iframe contents to load in your site.

To resolve this issue, you must have control of the Server that sends the content of the iframe you can set the setting for X-Frame-Options in your webserver.

Configuring Apache

To send the X-Frame-Options header for all pages, add this to your site’s configuration:

Header always append X-Frame-Options SAMEORIGIN

Configuring nginx

To configure nginx to send the X-Frame-Options header, add this either to your http, server or location configuration:

add_header X-Frame-Options SAMEORIGIN;

If you do not what you are doing, please ask assistance from your hosting provider and tell them that you need to allow iframe contents.

Please let us know how it goes.

Hi there. Thanks so much for the reply. I finally got a hold of support from my hosting provider (Siteground). Here’s what they said: "I have tried multiple approaches of amending your .htaccess file in order to resolve the issue, however to no avail:

Code:
Header set X-Frame-Options DENY
Header always append X-Frame-Options SAMEORIGIN
Header always unset Content-Security-Policy
Header always unset X-Frame-Options
Header add Access-Control-Allow-Origin “*”
Header add Access-Control-Allow-Headers “origin, x-requested-with, content-type”
Header add Access-Control-Allow-Methods “PUT, GET, POST, DELETE, OPTIONS”

As you are hosted on a shared server modifications to the Apache or Nginx Virtual hosts are not possible, there are multiple users hosted on the same server.

What you could do is contact your developer and ask them for further assistance or for a workaround to resolve the issue. If a specific setting is suggested, we would gladly apply it for you.

If you need any further assistance, do not hesitate to contact us again."

What I’m wondering is how come I’m able to embed YouTube videos onto my website using X Theme, but not this form. The code for the YouTube video on this page https://www.elcorsolutions.com/file-your-taxes/ for example appears to be iframe content. Any thoughts?

Please try inserting the code in a regular WordPress Text Editor. If that doesn’t work, switch to the default WordPress theme and check if the issue persists. If it does, it most probably is a problem with your iframe. In which case, you should contact the code provider.

Thanks.

Thank you so much for the replies! After further investigation, I discovered the code provider (Citrix ShareFile) needed to enable iframe for my account. It wasn’t mentioned in the instructions, but was reported as an issue in one of their support forums. Sorry for the confusion, and thanks again!

No worries! Glad to hear it’s sorted now.