Please stop sending x-frame-options:SAMEORIGIN

Modern study methods include active recall (guess-and-check) and spaced repetition (answering correctly makes the question come back later, answering incorrectly makes the question come back sooner). Board game puzzles are inherently active recall (as opposed to passively reading someone else’s game’s moves), but don’t inherently use spaced repetition. Spaced repetition works really well for languages, and I suspect that doing puzzles from easiest to hardest with the scheduler (approximating after how many months you may forget a certain strategy) works better than attempting random puzzles at your current elo rating, like most people do.

I personally use Anki (an active recall/spaced repetition/digital flash card app) with FSRS (an open-source review scheduler using the Difficulty-Stability-Retrievability memory model similar to how SuperMemo does).

In order to individually schedule reviews for each puzzle, I need to access each individual puzzle, by A) somehow copy the entire scripting/move list/ai player/database into local offline html flash cards or B) link to the puzzle’s url or C) the text of the card tells me where to manually go find the puzzle, even if it’s in a hardcover book. B is the easiest option.

A quirk of Anki is that, while each flash card is an individual html/css/js page generated from text fields stored in an sql database combined with an html template, when you are reviewing and switching from one flash card to the next, the internal pyqt6 web browser’s hidden address bar url isn’t changed. Instead, the content of the page is swapped out using rust/python/typescript/javascript to render the next page. So in order to render external content I need to A) embed it in an iframe unless that fails because of x-frame-options, or B) use javascript to change window.location.href which opens the puzzle externally in the default web browser and I have to manually (or with greasemonkey/autohotkey) close the tab and switch windows when I’m done, or C) write an addon to change the url and back, and addons only work on a pc, not android/iphone because of play store sandboxing rules (I wrote one incorrectly, so sometimes when flipping to the next card it can get stuck on a blank page and I need to leave/re-enter the study session to see the next card)

As far as I can tell, there is no rhyme nor reason as to whether a site will disallow iframe embedding.
refused to connect: checkers, sign language dictionary, rna folding
connects: blackbox, chinese/japanese/korean/laser/normal chess, connect four, draughts/frisian, spanish dictionary, dna alignment, go, hashi-o-kakero, nonograms, rush hour
checkers, dictionaries, and biochem are on both sides of the fence.

Please stop sending x-frame-options:SAMEORIGIN, at least for …/problems/*

Testing: To see whether that header is sent:
Firefox or Chrome→right-click→Inspect (Q)→Network tab→press F5 to reload the page→scroll up and select the first GET/document/html row→right sidebar→Headers→scroll down→Response Headers→scroll down→x-frame-options:SAMEORIGIN
or save a .html file containing <iframe width="100%" height="100%" src="https://www.checkercruncher.com/problems/755"></iframe> and see if it loads

links:
why spaced repetition? ncase.me/remember/
Anki (and not its counterfeits) apps.ankiweb net/
FSRS (the new) www.reddit com/r/Anki/comments/18jvyun/some_posts_and_articles_about_fsrs/
SuperMemo (the original) supermemopedia com/wiki/SuperMemo_15_Freeware
how not to write bad cards www.supermemo com/en/blog/twenty-rules-of-formulating-knowledge
list of board game puzzle websites I use, and how compatible they are with hotlinking versus scraping github.com/ankitects/anki/issues/2007#issuecomment-1962902817

That’s an interesting use case, not one I thought of. I hope you find a work around that works for you,
but this is not something I can turn off. The Same-origin policy - Wikipedia is an important security layer for problem comments and anything else that allows user generated content.

For the problem comments, I’m pretty sure they don’t allow weird html or JavaScript shenanigans but in case I missed something, I’m leaving the same-origin policy on.