Hi,

If I get to your site I see in the console that you have enabled the resize for the same domain.

The problem you have is described here:

http://www.tinywebgallery.com/blog/advanced-iframe/advanced-iframe-pro-demo/how-to-use-the-samesite-cookie-fix

So you main problem is that in your commerce site the cookies are not set properly. they are not secure and also samesite is set the lax for many. Can you change the cookies? If not you can try adopting the .htaccass so that the cookies are set properly. One issue can be the the cookies have set lax already. so I don't know if the rewrite does work. So you have to try this.

The safari fix cannot work if the cookies are rejected in the first place.

Best regards,

Michael

Hi Michael

Thanks for the reply. I have this in the .htaccess file on the commerce site:

<IfModule mod_headers.c>
Header always edit Set-Cookie ^(.*)$ $1;Secure;SameSite=None
Header always append X-Frame-Options ALLOW-FROM vintagedesklamp.co.uk
Header always append X-Frame-Options ALLOW-FROM samcosport.com
</IfModule>

Should that work?

Allow-From will most likely throw an error.

https://caniuse.com/x-frame-options   actually not really supported.

About the cookie. You need to test. As I have written here:
http://www.tinywebgallery.com/blog/advanced-iframe/advanced-iframe-pro-demo/how-to-use-the-samesite-cookie-fix

is seems depending on your server you need to use a different syntax.

So simply try. You see in the developer tools how you cookies look like.

Best regards, Michael

Hi Michael

I'm afraid I am still having trouble with this. I can see that the cookies from the ecommerce ( https://samcosport.keekmerch.com ) store are secure and have SameSite=None (see attached) and it works in Firefox, but I cannot get it to work in Chrome or Edge. Could you walk me through the settings I need please? What have I done wrong? If I set the Safari URL to all:src it just opens the ecommerce site, not the page with the iFrame.