<html>
<head>
<base href="https://bugs.webkit.org/" />
</head>
<body><span class="vcard"><a class="email" href="mailto:rniwa@webkit.org" title="Ryosuke Niwa <rniwa@webkit.org>"> <span class="fn">Ryosuke Niwa</span></a>
</span> changed
<a class="bz_bug_link
bz_status_NEW "
title="NEW - Can't login on www.safeco.com"
href="https://bugs.webkit.org/show_bug.cgi?id=157720">bug 157720</a>
<br>
<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>What</th>
<th>Removed</th>
<th>Added</th>
</tr>
<tr>
<td style="text-align:right;">CC</td>
<td>
</td>
<td>jond@apple.com, wilander@apple.com
</td>
</tr></table>
<p>
<div>
<b><a class="bz_bug_link
bz_status_NEW "
title="NEW - Can't login on www.safeco.com"
href="https://bugs.webkit.org/show_bug.cgi?id=157720#c2">Comment # 2</a>
on <a class="bz_bug_link
bz_status_NEW "
title="NEW - Can't login on www.safeco.com"
href="https://bugs.webkit.org/show_bug.cgi?id=157720">bug 157720</a>
from <span class="vcard"><a class="email" href="mailto:rniwa@webkit.org" title="Ryosuke Niwa <rniwa@webkit.org>"> <span class="fn">Ryosuke Niwa</span></a>
</span></b>
<pre>I'm seeing the following error:
[Error] Multiple 'X-Frame-Options' headers with conflicting values ('ALLOW-FROM <a href="http://www.safeco.com">http://www.safeco.com</a>, SAMEORIGIN') encountered when loading '<a href="https://customer.safeco.com/accountmanager/Login/loginportlet.aspx">https://customer.safeco.com/accountmanager/Login/loginportlet.aspx</a>'. Falling back to 'DENY'.
[Error] Refused to display '<a href="https://customer.safeco.com/accountmanager/Login/loginportlet.aspx">https://customer.safeco.com/accountmanager/Login/loginportlet.aspx</a>' in a frame because it set 'X-Frame-Options' to 'ALLOW-FROM <a href="http://www.safeco.com">http://www.safeco.com</a>, SAMEORIGIN'.</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the assignee for the bug.</li>
</ul>
</body>
</html>