I have a problem with loading Piwik stats in an iframe using Safari 5.1.7.
On a webpage I have:
<iframe src="http://webstats.mydomain.com/index.php?module=Login
&action=logme&login=mylogin&password=myhashedpasswordhere"></iframe>
In Safari, the Piwik login page shows and you have to relogin, but if I open that link in new window it works. The site and webstats are on different domains.
The IFrame works in Chrome, Firefox and IE.
I’ve tried to add a header X-XSS-Protection with value 0, but that didnt do anything.
Is there some header I can add or something to make it work in Safari? I wouldnt like to have to tell customers that they need to edit options in Safari as a “quickfix”.