Allowed iframes whitelist not working - 'x-frame-options: SAMEORIGIN'

boazcstrike · June 30, 2022, 9:53am

Hi Jammy!

We finally made it work.

There was a hidden setting called allow_embedding_site_in_an_iframe and we just set it to true inside the rails app:

SiteSetting.allow_embedding_site_in_an_iframe = true

Thank you!

Topic		Replies	Views
Browser prevents Discourse from rendering in iframe despite proper configuration (`X-Frame-Options: SAMEORIGIN`) Bug embedding	0	64	November 12, 2024
Replacement for whitelist-iframe Support	3	1861	April 27, 2020
X-Frame Origin Embed Error Support	14	5289	July 20, 2020
Supporting iframe embeds from different domains? Feature	58	23008	August 30, 2018
Discourse not shown in iframe Support unsupported-install	30	8394	April 26, 2021