The WordPress Custom Contact Form did not display the “Thank you” text after I submitted my contact form, nor did it redirect when I changed it to do so.
I saw that PHP was returning correct JSON:
{"success":true,"action_type":"redirect","completion_redirect_url":"...
After enabling Firebug debugging in Firefox, I came across this interesting message:
The thing with AJAX/jQuery scripts is that they render HTML code in a frame or iframe tag. This can be a security hole because it can allow an attacker to inject a script that will execute remote code.
This is controlled with the X-Frame-Options HTTP header, which instructs the browser to render the response inside frame or iframe tags, to not render it there at all, or to render it only when the framing page comes from the same origin.
In my Nginx configuration it was set to deny:
add_header X-Frame-Options Deny;
I changed it to:
add_header X-Frame-Options sameorigin;
Now, my form submissions are successful.
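The difference between the two settings above, as an added example that is not part of the original post: a simplified Python model of how a browser decides whether a framed response may render under X-Frame-Options. The URLs and the `/form-handler` path are constructed placeholders, and only the `deny` and `sameorigin` values are modelled.

```python
from urllib.parse import urlsplit

# Constructed sample URLs (assumptions, not taken from the post).
SITE_PAGE = "https://example.com/contact/"        # page that hosts the form
FRAME_URL = "https://example.com/form-handler"    # response loaded in the iframe
OTHER_SITE = "https://other.example/embed.html"   # unrelated site framing it

def origin(url):
    """Return the (scheme, host, port) origin tuple for a URL."""
    u = urlsplit(url)
    port = u.port or {"http": 80, "https": 443}.get(u.scheme)
    return (u.scheme, u.hostname, port)

def framing_allowed(xfo_headers, framed_url, ancestor_urls):
    """Simplified model of X-Frame-Options enforcement.

    xfo_headers   -- raw X-Frame-Options values sent with the framed response
    framed_url    -- URL of the response being loaded into the frame
    ancestor_urls -- URLs of every document above the frame, parent first
    """
    values = set()
    for raw in xfo_headers:
        for part in raw.split(","):          # a header may carry a comma list
            if part.strip():
                values.add(part.strip().lower())   # values are case-insensitive

    # Conflicting values that include a recognised one: fail closed.
    if len(values) > 1 and values & {"deny", "sameorigin"}:
        return False
    if values == {"deny"}:
        return False                          # never render inside a frame
    if values == {"sameorigin"}:
        target = origin(framed_url)           # every ancestor must match
        return all(origin(a) == target for a in ancestor_urls)
    return True                               # absent or unrecognised: no restriction

if __name__ == "__main__":
    for headers, parents in [(["Deny"], [SITE_PAGE]),
                             (["sameorigin"], [SITE_PAGE]),
                             (["sameorigin"], [OTHER_SITE])]:
        print(headers, parents, "->", framing_allowed(headers, FRAME_URL, parents))
```

With `sameorigin` the site's own pages can frame the response, while a page on any other origin is still refused.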