"this content cannot be viewed in a frame" error the first time I load the page

The problem is similar to one described here but because of .net Core. And the solution is also similar.

You can also use the recommendations done by @user770 in the comments of the question. However, that does not solve the iframe block. And neither this answer explains why refreshing the page solved the issue. However, that is not a good experience for users.

So, the solution is easy, and can be done by code, that way oyu are more secure if any one tries to overwrite the X-Frame-Otions settign in your server. Any multiple setting will derive in 'deny'.

In the startup.cs file on your project you have to add this, for preventing .net core to add 'sameorigin' setting automatically.

 public void ConfigureServices(IServiceCollection services) {        //YOU CAN HAVE SOME CODE HERE        services.AddAntiforgery(o => o.SuppressXFrameOptionsHeader = true); }

However, this may lead to risk in your site, and this scenario is intended to be applied when you have control on both sites and both domains.

To secure the site, you have to set X-frame-options setting to allow the domain you want. Again in startup.cs do the following.

    public void Configure(IApplicationBuilder app, IHostingEnvironment env)    {        //YOU MAY HAVE SOME CODE HERE        app.Use(async (context, next) =>        {            context.Response.Headers.Add("X-Frame-Options", "ALLOW-FROM http://*.MYCONTROLLEDDOMAIN.COM https://*.MYCONTROLLEDDOMAIN.COM");            await next();        });    }

That way you will allow your domain to request this website within an iframe.