I am developing a website that is supposed to be responsive so that people can access it from their phones. The site has got some secured parts that can be logged into using Google, Facebook, ...etc (OAuth).
The server backend is developed using ASP.Net Web API 2 and the front end is mainly AngularJS with some Razor.
For the authentication part, everything is working fine in all browsers including Android but the Google authentication is not working on iPhone and it gives me this error message
Refused to display 'https://accounts.google.com/o/openid2/auth
in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.
O.K. after spending more time on this with the help of this SO post
I managed to solve the issue by adding
&output=embed to the end of the url before posting to the google URL:
var url = data.url + "&output=embed"; window.location.replace(url);