Since beginning of April the login on iOS later than iOS 7 doesn’t work anymore. It is using a Cross-Origin-Url like described in https://auth0.com/docs/cross-origin-authentication.
I am using auth0.js v9 in a custom form and I am not using the Lock widget.
Whenever I try to login it shows a white screen and the console throws the following error:
Refused to display ‘https://example.com/callback-cross-auth#origin=https://example.eu.auth0.com’ in a frame because it set ‘X-Frame-Options’ to ‘SAMEORIGIN’.
How can I get around that? It’s thrown on iOS > 7 in Safari and Chrome.
On other clients it is working fine and as expected.