The iframe (#src-iframe) lacks the "allow-same-origin" flag. As a result, there is no content in it when X-Frame-Options is set to DENY for security reasons. Any chance of adding the "allow-same-origin" flag?

Hi, the iframe code is here
Feel free to add it and PR

The iframe does not have sandbox, so allow-same-origin flag should not be necessary