I am running Ghost CMS and mapped both https://www.mydomain.com and https://mydomain.com to the same Ghost site. When login to the admin page and click on “View site”, the following message appear in the right frame:
Blocked by X-Frame-Options Policy
An error occurred during a connection to mydomain.com.
Firefox prevented this page from loading in this context because the page has an X-Frame-Options policy that disallows it.
This only happens for the url with ‘www’ in it.
ie https://www.mydomain.com/ghost/#/site
but the one without it worked fine. The site is loaded in the right frame without problem.
ie https://mydomain.com/ghost/#/site
From this documentation X-Frame-Options - HTTP | MDN it indicated that this is to prevent other sites from embedding your site in a frame.
Right click on the frame to check source showed that no matter which admin url is used, the “View site” is always loading the one without the ‘www’ basically https://mydomain.com and that explains why the blocked message poppedup when using the admin url with ‘www’ in it.
Is there a way to ‘fix’ this so that both admin url would work?