Good day!
I've been googling for a long time, but still no success.
Problem: Let's supose we have a google document, which have embeded into some site with iframe, following google docs guide. User have one tab in which he is authorized with it's account in google. He visites our site and see document. He can access it, edit it, and whatever he whants. Now, he desides to change his auth in google, he logs out and than logs in with different account. He DOESN'T reload our site (because it is ajax based), and now he tries access our document. And here comes a fail. He sees a blank page. in chrome js console there is an error:
Refused to display https://**docs**.google.com/SamplePDFURL in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN.
In iframe src = "docs.google.com" .
What happens? When user changed authorization, it's cookies have been changed and he became not authed for this doc and google automaticaly redirects frame to account.google.com auth page. BUT! This auth page is on different domain ACCOUNT. , and since google follows "same origin" security policy, we get error in console and blank iframe for user.
How to work around this?
Please help somebody.
As I said, I didn't find any working solution for this.a