maxmcd
commented
7 months ago I ran into a similar issue where a val.town embed was returning a 401 because my jwt had expired and the error page was returning x-frame-options:deny. Visiting val.town and then returning to the embed fixed things.
Might want to gracefully handle auth failures in vals and not deny the iframe on embed error responses.
Embedded vals sometimes fail to load, which leads to confusion. Often a refresh works, but sometimes it takes more than one.
https://discord.com/channels/1020432421243592714/1020432421243592717/threads/1206842458554634240
There are 2 approaches possible: