The site you're trying to load has either set the X-Frame-Options
] header, or has sent a content security policy (CSP) with the frame-ancestors
] directive, both of which will instruct all modern browsers to prohibit loading the site in an
In the case of Yahoo, it's sending:
which means only pages hosted on the
domain can load other
pages in an
This is generally done for security reasons. There is no way for an HTML page to bypass this.