Empty Opt-Out iframe - 'X-Frame-Options' to 'sameorigin' problem #12126

Closed
WebWorkingMan opened this issue Sep 27, 2017 · 8 comments

@WebWorkingMan

Hi,

I've installed Piwik 3.1.1 in a subfolder like this "https://www.example-one.com/piwik". Everything works fine on this domain, but when I try to include the iframe for "opt-out" from a different domain, e.g. "https://www.example-two.com/", I only get an empty iframe.

Refused to display 'https://www.example-one.com/piwik/index.php?module=CoreAdminHome&action=optOut&language=de' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

I've asked my hoster to set X-Frame-Options to allow www.example-two.com but this is not possible :-(

I've also tried to set enable_framed_settings=1 enable_framed_pages=1 in the config.ini.php but with no result.

Is there a workaround for this problem?

Many greets!

@mattab
Member

mattab commented Oct 2, 2017

> I've also tried to set enable_framed_settings=1 enable_framed_pages=1 in the config.ini.php but with no result.

Did you add below the [General] section?

And if you create a 'test.html' file and open it with the developer console, do you see an HTTP header setting x-frame-options in the response?

@WebWorkingMan
Author

WebWorkingMan commented Oct 2, 2017

This is what my config.ini.php looks like:

[General]
salt = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
enable_framed_settings=1
enable_framed_pages=1
trusted_hosts[] = "www.example-two.com"
trusted_hosts[] = "https:// www.example-two.com/"

I'm still getting the error message:
Refused to display 'https://www.example-one.com/analyse/index.php?module=CoreAdminHome&action=optOut&language=de' in a frame because it set 'X-Frame-Options' to 'sameorigin'

> And if you create a 'test.html' file and open it with the developer console, do you see an HTTP header setting x-frame-options in the response?

Where should I create this file on example-one.com/analyse/ ?

@mattab
Member

mattab commented Oct 3, 2017

You could try adding "example-one.com" in a new trusted_hosts entry as well if Piwik runs off there too?

> Where should I create this file on example-one.com/analyse/ ?

yes

mattab added the "Waiting for user feedback" label Oct 16, 2017

@mattab
Member

mattab commented Jun 18, 2019

Hi there, to fix the issue can you try upgrading to the latest Matomo version?
https://matomo.org/docs/update/

If you still experience this issue afterwards, please re-open this and post a comment. Thanks!

mattab closed this as completed Jun 18, 2019
mattab added the "answered" label Jun 18, 2019

@forreggbor

Hi.

I have a domain where my Matomo runs from: analitika.mydomain.com
I have a main website: mydomain.com

This is the config.ini.php:
[General]
force_ssl = 1
enable_framed_pages = 1
enable_framed_settings = 1
trusted_hosts[] = "analitika.mydomain.com"
trusted_hosts[] = "https://analitika.mydomain.com"
trusted_hosts[] = "mydomain.com"
trusted_hosts[] = "https://mydomain.com"

I'd like to embed the privacy opt-out iframe on mydomain.com but I get this error message:
Refused to display 'https://analitika.mydomain.com/index.php?module=CoreAdminHome&action=optOut&language=hu&backgroundColor=&fontColor=&fontSize=&fontFamily=' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

I have Matomo version 3.10.0 installed.

Any idea?

@tsteur
Member

tsteur commented Jul 2, 2019

@forreggbor do you have any third party plugin installed? It should use allow AFAIK as x-frame-option value with Matomo 3.10

@forreggbor

I have the following plugins installed and activated:

Actions (Core)
Annotations (Core)
BotTracker (v1.03)
BulkTracking (Core)
Contents (Core)
CustomPiwikJs (Core)
CustomVariables (Core)
Dashboard (Core)
DeviceNetworkInformation (v3.0.3)
DevicePlugins (Core)
DevicesDetection (Core)
Diagnostics (Core)
Ecommerce (Core)
Events (Core)
ExcludeByDDNS (v3.0.0)
Feedback (Core)
GeoIp2 (Core) Settings
Goals (Core)
Heartbeat (Core)
HidePasswordReset (v1.3.3) Settings
ImageGraph (Core)
Insights (Core)
IntranetMeasurable (Core)
Live (Core)
LogViewer (v3.0.4)
Login (Core) Settings
Marketplace (Core)
MobileAppMeasurable (Core)
MobileMessaging (Core)
Monolog (Core)
MultiSites (Core)
Overlay (Core)
PrivacyManager (Core) Settings
Provider (Core)
Referrers (Core)
ReferrersManager (v3.0.4)
Resolution (Core)
RssWidget (Core)
SEO (Core)
ScheduledReports (Core)
SegmentEditor (Core)
Tour (Core)
Transitions (Core)
TreemapVisualization (v3.1.1)
TwoFactorAuth (Core) Settings
UserCountry (Core)
UserCountryMap (Core)
UserId (Core)
UserLanguage (Core)
VisitFrequency (Core)
VisitTime (Core)
VisitorInterest (Core)
VisitsSummary (Core)
WhiteLabel (v3.3.7) Settings
Widgetize (Core)

@AramVK

AramVK commented Oct 1, 2019

I ran into this issue with the Opt-out iframe as well. In my case it's the server. For example, it can be a default setting on nginx or configured in htaccess (Apache).
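
An added example, not part of the thread and not Matomo's code: a Python model of how a browser decides whether the opt-out page may be framed, given the headers it finally receives from the application and the web server combined. The header sets are constructed, the `allow` value stands in for a hypothetical application-set value as mentioned in the comment above, and `frame-ancestors` matching is simplified to exact origins and a single policy.

```python
from urllib.parse import urlsplit

PAGE = "https://www.example-one.com/piwik/index.php?module=CoreAdminHome&action=optOut"
EMBEDDER = "https://www.example-two.com/"

# Constructed response headers (not captured from a real server).
SERVER_ONLY = [("X-Frame-Options", "SAMEORIGIN")]
APP_PLUS_SERVER = [("X-Frame-Options", "allow"), ("X-Frame-Options", "SAMEORIGIN")]
WITH_CSP = SERVER_ONLY + [
    ("Content-Security-Policy", "frame-ancestors 'self' https://www.example-two.com")]

def origin(url):
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}".lower()

def frame_ancestors(headers):
    """Source list of the first frame-ancestors directive, or None if absent."""
    for name, value in headers:
        if name.lower() == "content-security-policy":
            for directive in value.split(";"):
                tokens = directive.split()
                if tokens and tokens[0].lower() == "frame-ancestors":
                    return [t.lower() for t in tokens[1:]]
    return None

def xfo_values(headers):
    """All X-Frame-Options values, split on commas, lowercased, de-duplicated."""
    return {item.strip().lower()
            for name, value in headers if name.lower() == "x-frame-options"
            for item in value.split(",") if item.strip()}

def can_frame(headers, page_url, embedder_url):
    """Would a browser render page_url in an iframe on embedder_url (top level)?"""
    same = origin(page_url) == origin(embedder_url)
    sources = frame_ancestors(headers)
    if sources is not None:  # frame-ancestors present: X-Frame-Options is ignored
        return any(s == "*" or (s == "'self'" and same) or s == origin(embedder_url)
                   for s in sources)
    values = xfo_values(headers)
    if len(values) > 1:      # conflicting headers: block if any valid value is present
        return not values & {"deny", "sameorigin", "allowall"}
    if values == {"deny"}:
        return False
    if values == {"sameorigin"}:
        return same
    return True              # header absent or unrecognized value: not enforced
```

Feeding it the headers shown in the browser's network tab for the opt-out URL shows whether a second `X-Frame-Options` header added by the web server is what blocks the frame.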
