Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
IW App inside an IFRAME
#1
Howdy All!

I have a customer trying to run my IW 15.x app inside an IFrame (which I have always said I don't OFFICIALLY support).

If I open the browser debug routines and look at the console output if my IW app is run from within an IFRAME, all my local resources in the WWWRoot folder get 404 errors. If I run the IW app outside of the IFrame, it works as expected.

Anyone else have this issue and come up with a fix?

All the best,

Shane
Reply
#2
Hi Shane. I have an app running inside an iframe here: https://fidelidade.club/promocoes.html?c...7449000152
Take care of same configs in your server, like:
X-Frame-Options = DENY, maybe X-Frame-Options = ALLOW
Content-Security-Policy = frame-ancestors self HTTPS:;
Reply
#3
(09-03-2021, 01:13 PM)Jose Nilton Pace Wrote: Hi Shane. I have an app running inside an iframe here: https://fidelidade.club/promocoes.html?c...7449000152
Take care of same configs in your server, like:
X-Frame-Options = DENY, maybe X-Frame-Options = ALLOW
Content-Security-Policy = frame-ancestors self HTTPS:;

(09-03-2021, 01:13 PM)Jose Nilton Pace Wrote: Hi Shane. I have an app running inside an iframe here: https://fidelidade.club/promocoes.html?c...7449000152
Take care of same configs in your server, like:
X-Frame-Options = DENY, maybe X-Frame-Options = ALLOW
Content-Security-Policy = frame-ancestors self HTTPS:;

Howdy Jose,

First thanks for the reply.

The results are the same with a stand-alone IW exe server.

Are you suggesting I look at the IFRAME sandbox options or something else?

All the best,

Shane
Reply
#4
I've run applications in IFRAME before and never had any issues like that. It may happen that your application needs to be configured to keep the session without cookies in this particular scenario (you can also try to set CookieOptions.SameSite = ssoNone and CookieOptions.Secure = True, cause it may work)
Reply
#5
(09-15-2021, 03:43 AM)Alexandre Machado Wrote: I've run applications in IFRAME before and never had any issues like that. It may happen that your application needs to be configured to keep the session without cookies in this particular scenario (you can also try to set CookieOptions.SameSite = ssoNone and CookieOptions.Secure = True, cause it may work)

Howdy Alexandre,

Thanks for the reply - I already had the CookieOptions set the way you suggested. 

I then disabled cookies and it worked but I got an 'Invalid page context' on each page... I then unchecked CheckFormId  and all seems to be working.

Thanks,

Shane
Reply
#6
FWIW, some clients do use an iFrame for our app.
I had to set TIWServerController::CookieOptions->SameSite = ssoStrict; because of security restrictions in Chrome.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)