I’m recently making the use of Iframe and postmessages for running a project. I run into problems while testing it for Internet Explore (not a news).
The fact is, IE is pretty bad also at stating errors, the only things that it says is that the form where blocked for security reason saying
I initially thought of the X-Frame-Option, and with django you can fix it by annotating the view with @xframe_options_exempt. This works but not when you POST to a view within the Iframe. This beacuse Django uses CSRF cookie while IE blocks cookie of a third party.
The soluition is pretty easy: THERE’S NO SOLUTION. As explained in this ticket. The best one seems to be the one of not using Iframe. Or to remove CSRF for that specific view.
A thing that took me forever to solve this problem is the fact that django can’t show you the page 403 since it’s protected for Iframing (you need to rewrite the 403handler, maybe the 403csrfhandler if existsts) and then IE tells you that the page can’t be displayed for security reasons, which at first sights it’s impossible to grasp the reason.