Add http header: X–XSRF–HEADER:valid
Complete the following steps to ensure that your Firefox browser is enabled to perform SPNEGO authentication.
- At the desktop, log in to the windows active directory domain.
- Activate Firefox.
- At the address field, type about:config.
- In the Filter, type network.n
- Double click on network.negotiate-auth.trusted-uris. This preference lists the sites that are permitted to engage in SPNEGO Authentication with the browser. Enter a comma-delimited list of trusted domains or URLs.
Note: You must set the value for network.negotiate-auth.trusted-uris.
- If the deployed SPNEGO solution is using the advanced Kerberos feature of Credential Delegation double click on network.negotiate-auth.delegation-uris. This preference lists the sites for which the browser may delegate user authorization to the server. Enter a comma-delimited list of trusted domains or URLs.
- Click OK. The configuration appears as updated.
- Restart your Firefox browser to activate this configuration.
if you are trying to add this Iframe on a SSL-encrypted website (https://), it won’t work any more since Firefox 23 because Mozilla has decided to blocked all unencrypted content on encrypted websites (for example http-iframes on https-websites). You can change this behaviour in your own Firefox installation by typing
about:config in the address bar and setting