PhantomJS 2.1.1 with X-Frame-Options disabled in QtWebKit
This version of phantomjs contain the rule "X-Frame-Options" disabled in the source of QtWebKit, this allows, add any url (regardless of the domain) in a frame / iframe object without respect the rule "RFC 7034 HTTP Header Field X-Frame-Options", remember, this is a fork of (https://github.com/ariya/phantomjs) with that change.
To check the differences, let's try running a script that captures the screen of a page containing an iframe to google.com (domain having an x-frame-options denying iframe rendering).
cd test/x-frame-options/ phantomjs screenshot.js test-iframe.html phantomjs-without-mod.png ../../bin/phantomjs screenshot.js test-iframe.html phantomjs-with-mod.png end
Result with original phantomjs
Result with phantomjs mod
Little change in QtWebKit
The change was in the file ./Source/WebCore/loader/FrameLoader.cpp, specific, in the method FrameLoader::shouldInterruptLoadForXFrameOptions, which now always returns false, therefore, ignores the rules of x-frame-options.
How to build
python build.py end
Sorry if I make mistakes in my basic English.