Hello
I see that when click on live preview of item theme, opens demo of theme, but is not working, is only blank page. If hit x and close frame, all are ok.
I see this on all my themes joomla, wordpress and on other authors.
Somebody know something about this issue?
Thanks
It’s not an issue with Envato, it’s actually an issue with your server:
Refused to display ‘http://revis.payo-themes.com/’ in a frame because it set ‘X-Frame-Options’ to ‘sameorigin’.
The relevant header sent back by your server is below - you can find this in the Network tab of your browser’s developer tools:
X-Frame-Options: SAMEORIGIN
Setting X-Frame-Options to SAMEORIGIN means other websites, including ThemeForest, cannot embed your site in a frame. There are two options to resolve this:
This will ultimately depend on how the header was set. You can try a general .htaccess rule like the following, but it’s not guaranteed to work, so make sure to test it with your browser’s devtools.
Header unset X-Frame-Options
Add the Content-Security-Policy header to your website and specify the marketplace’s preview URL as a permitted frame ancestor. This will override the X-Frame-Options header in modern browsers.
Content-Security-Policy: frame-ancestors https://preview.themeforest.net/;
If you care about supporting older browsers, you might also want to override the X-Frame-Options with an allow rule like below, but this won’t work for most modern browsers.
X-Frame-Options: ALLOW-FROM http://preview.themeforest.net/
Here’s an example on how to do both with an .htaccess file (mod_headers is required):
Header always append X-Frame-Options "ALLOW-FROM http://preview.themeforest.net/"
Header always append Content-Security-Policy "frame-ancestors https://preview.themeforest.net/;"