Why don't Google Group pages load in a WebKit Iframe?

Question

In Chrome and Safari, the following loads as a blank frame.

<html>
  <head>
    <title>Iframe Test</title>
  </head>
  <body>
    <iframe src="http://groups.google.com/group/websync"&gt;&lt;/iframe&gt;
  </body>
</html>

Yet the direct URL works fine. What gives?

Answer 1

It works fine in Firefox, although I had to bump the width/height values to make it readable.

Environment: Ubuntu 9.04 server, Apache 2.2.11, FF 3.5.6

Answer 2

Its not a Chrome/WebKit issue. Infact its a Firefox issue.

Try the following, Chrome will load the iframe

<html>
  <head>
    <title>Iframe Test</title>
  </head>
  <body>
    <iframe src="http://groups.google.com/"&gt;&lt;/iframe&gt;
  </body>
</html>

What is happening is, when you requrest for the webpage groups.google.com/group/websync google web server is setting HTTP header

X-Frame-Options: SAMEORIGIN

When X-Frame-Options: is set to SAMEORIGIN, the browser suppose to only allow the content to be framed by pages within the same origin domain, i.e unless your page is coming from google.com, browser is not suppose to let you frame the content of http://groups.google.com/group/websync.

WebKit is doing a better job.