I try to load a random page which I set in my URL, into an iframe. Let's say I try to load "https://www.google.de" in an iframe.

<iframe src="<?php echo $_GET['URL'];?>" width="600" height="500"></iframe>

This is how I set the URL:

localhost/test/index.php?URL=https://www.google.de

Only a blank page is loaded. I know the reason for this is that Google is sending an "X-Frame-Options: SAMEORIGIN" response header.

However, I try to find a way to load it anyway, someone told me to use a PHP Proxy script to do this, but I researched and found nothing helpful yet.

How can I solve this?

Use this script uncomment the proxy lines if you are behind any proxy server and want to bypass it using the authentication the proxy url, domain, username, password.

I used header("Access-Control-Allow-Origin: *"); Since I was calling this script from a different domain.

File: proxyscript.php

<?php
    header("Access-Control-Allow-Origin: *");

    echo get_page($_GET['url']);
    //echo get_page("http://www.google.com");
    function get_page($url){
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL,$url);
        /*
        $proxy = 'http://proxy.company.com:8080';
        $proxyauth = 'domain\proxy_username:proxy_password';
        curl_setopt($ch, CURLOPT_PROXY, $proxy);
        curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyauth);
        */
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_HEADER, 0);
        $data = curl_exec($ch);
        curl_close($ch);
        return $data;
    }
?>

File: index.html

<html>
    <head>
        <script>
            function getURL(url){
                document.getElementById('frame').src 
                   = 'path/to/proxyscript.php?url='+encodeURIComponent(url);
            }
        </script>
    </head>
    <body>
        <button onclick="getURL( 'http://www.google.com')">Google</button>
        <iframe id="frame" src=""></iframe>
    </body>
</html>