Sam

The X-Frame-Options HTTP Header is set to "sameOrigin", which means that you cannot load content from another domain/host.

If you want to have that happen, you will have to (at least) remove that header in IIS.

In IIS Manager (under Windows Adminitrative Tools in Win10 or similar), go to the virtual directory involved, select the HTTP Response Headers applet and open it, find that header in the list and remove it. You can't just set it to something else. because the only correct values are "sameOrigin" and "deny".

If it still doean't work (remember to clear the browser cache), report back here.

Mike