Error "Refused to display 'https://abc.com/' in a frame"

Hello,

Running into an issue where iframe is not able to render a domain and we are getting the error “Refused to display ‘https://abc.com/’ in a frame because it set 'X-Frame-Options” to ‘sameorigin’."
To solve this I’m trying to Set Static “Access-Control-Allow-Origin” Header name but I’m getting an error that ‘set’ is not a valid value for operation because it cannot be used on header ‘Access-Control-Allow-Origin’ (Code:20087)".

Please advise how to proceed.

Thank you,
Jennifer

Where are you trying to set that? It should be a Response header:

It’d be better to fix the X-Frame-Options problem. It may be set if you’re using Managed Transforms:
https://developers.cloudflare.com/rules/transform/managed-transforms/reference/#add-security-headers

Or if your server set it, use Transform Rules for Response headers to Remove it.