Had this weird problem today, i can login to my web if i access it directly, but unable to do it if my website is on an iframe of another web. I found out that it happen because im using SSL on both of my website (on the iframe) and the iframe parent’s website.
It actually happen because when im successfully login on my iframed-website, it will gives http 302 (Moved Temporarily) to my dashboard page. But somehow the 302 location is not an HTTPS page, it will gives a regular HTTP pages instead. Which is not a problem when im accessing my web directly, but will gives problem when accessed using an iframe website.
The solution is quite simple, using nginx “proxy_redirect” will change my 302 page from HTTP into HTTPS.
proxy_redirect http:// https://;
Hope it helps