When you try to open the Appinv.aspx page in an iframe, the page isn't successfully displayed. When this issue occurs, the request response headers include an "X-FRAME-OPTIONS: DENY" message.
To help maintain security, the Appinv.aspx page is prevented from being displayed in an iframe.
To fix this issue, install one of the following updates:
To display the Appinv.aspx page in an iframe in trusted domains, the farm administrator can add the trusted domains to the AllowIframeAppAuthorizePageDomains list in the farm by running the following commands:
$f.AddGenericAllowedListValue("AllowIframeAppAuthorizePageDomains","<enable domain name>")
You can add one trusted domain to the AllowIframeAppAuthorizePageDomains list by using the commands every time. Additionally, you can add a wildcard domain, such as *.contoso.com, to AllowIframeAppAuthorizePageDomains.
If you receive the following error message, use AllowIframeAppAuthorizePageDomains2 instead of AllowIframeAppAuthorizePageDomains when you call the AddGenericAllowedListValue method:
“AllowIframeAppAuthorizePageDomains" already exists under the parent Microsoft.SharePoint.Administration.SPFarm named…
Additionally, make sure that you have the Microsoft SharePoint Server March 2022 updates installed.
The following table summarizes some of the most important changes to this topic.
March 8, 2022
Added a note to the "Resolution" section to provide a fix if the AllowIframeAppAuthorizePageDomains setting cannot be applied.