The dirty way

The idea of a map integration for our ships is pretty cool. We are already loading ships from Kystverkets api where we get the ship ids and store them in Dynamics. These ids can be used to lookup the specific ship and we have added an iframe to the lead form to generate the correct url. As it turns out, kystverket is not allowing us to show their website because… security 🙁

Nasty hacker to the rescue!

We discovered that you can add a chrome extension to ignore x-frame headers. By adding the attribute is="x-frame-bypass" to the iframe html element, the iframe now bypasses the X-Frame-Options: deny/sameorigin response header from kystverket. The result:

By this we claim the Nasty Hacker badge! #rocksolidgeekness