I have been using the google+ sign-in API,
- When the user links his new account(By means of not yet signed inGoogle+ social network) in my created api app
- The user is directed to create a Google+ profile screen.
- When submit button is pressed, it was directed to a URL then it doesnt load anymore leaving the screen blank not knowing if theuser's account was created in google+.
I have traced the error containing this:
Load denied by X-Frame-Options: https://accounts.google.com/o/oauth2/auth?XXXXXXXX does not permit cross-origin framing.
Thus it does not continue to the url because the X-Frame-Options is blocking it.
I researched about the X-Frame-Options, saying that it should be set in the header.
How am I going to set it in this header:
<meta name="google-signin-clientid" content="{{=response.CLIENT_ID}}" /><meta name="google-signin-scope" content="https://www.googleapis.com/auth/plus.login" /><meta name="google-signin-requestvisibleactions" content="http://schemas.google.com/AddActivity" /><meta name="google-signin-cookiepolicy" content="single_host_origin" />And I am rendering my button this way:
(function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; po.src = 'https://apis.google.com/js/client:plusone.js?onload=render'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })(); function render() { // Additional params including the callback, the rest of the params will // come from the page-level configuration. var additionalParams = {'callback': signinCallback,'immediate': false, }; // Attach a click listener to a button to trigger the flow. var signinButton = document.getElementById('signinButton'); signinButton.addEventListener('click', function() { gapi.auth.signIn(additionalParams); // Will use page level configuration }); }Or what are the other ways to set it? Or how can this be the error be fixed? My backend part is python.