Discourse not shown in iframe

dreadkopp · March 30, 2015, 1:45am

Aloha Communtiy, i am trying to put discourse in an iframe since i don’t have free wildcards at my dyndny hoster.

I run my main apache server at port 80 and the docker containing discourse redirects to port 82.

the page i am talking about is here: http://archy.no-ip.org/forum/

instead of the discourse page at http://archy.no-ip.org:81 it just shows the blank container.

i first thought that it might be a problem with iframe to shown pages which don’t use port 80 or 443 but since another test shows that my plone-environment at port 81 (http://archy.no-ip.org/iframe-test-different-port/) is shown correctly that cannot be it.

Any ideas what’s wrong?

thanks and greetings

jesselperry · March 30, 2015, 1:53am

I wouldn’t plan on it happening.

https://meta.discourse.org/t/loading-stuck-inside-an-iframe/20467/6

dreadkopp · March 30, 2015, 3:02am

But why isn’t it working? can there be done anything else to integrate it into the website?

codinghorror · March 30, 2015, 3:09am

We do not support running in an iframe.

elberet · March 30, 2015, 4:05am

Discourse (actually Rails) sends a X-Frame-Options header that tells browsers that the site does not wish to be embedded in an iframe, hence all modern browsers will simply render a white square. You can see this in e.g. Chrome’s dev console which says

Refused to display 'http://archy.no-ip.org:82/' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.

The only way to “fix” this is to hack Discourse yourself: move the EmbedController's before_filter and ensure_embeddable method into the main ApplicationController and set the embeddable host site setting. But, while it can be done, you’ll be on extremely unsupported terrain…

dreadkopp · March 30, 2015, 2:35pm

thanks a lot! i thought it would be pretty to have it in an iframe.

will look if i can dig in the code to remove this X-Frame-Options header.

since then i will just use a link.

Many thanks for your reply!

xiasummer · September 18, 2016, 9:55am

I don’t think this is a good answer, we need to know how to support. You can say not supporting now, and the probability solution is …

Mittineague · September 18, 2016, 5:36pm

That post was made before the probability [sic possible] solution was provided in the next post made by elberet

dubeydeepak · March 31, 2017, 8:23am

Just need to add below points inside env Tag, & it will help in fixing issue Xframe option with sameorigin. works for me.

env:
UNICORN_WORKERS: 4
DISCOURSE_ENABLE_CORS: true**
DISCOURSE_CORS_ORIGIN: ‘*’

Kai_Middleton · September 6, 2017, 4:15am

I’m able to load Discourse in an iframe … on Firefox. But not Chrome (or Safari). In Chrome I have the following problem: Nothing is clickable! If I open the inspector and drill into the source it will highlight various elements (e.g. rows), but neither right clicks nor left clicks on any content of iframe have an effect. Any suggestions?

Julian_Somoza · August 16, 2018, 6:41pm

That not change the X-Frame-Options header flag…

Julian_Somoza · August 16, 2018, 6:48pm

There is some checksum or something… because if I modify this file the app wont start…

jack2 · August 16, 2018, 7:24pm

A solution to run Discourse in an iframe is to create a plugin that contains the following code in plugin.rb:

# Changes X-Frame-Options so the site can be embedded in an iframe. See:
# https://github.com/BeXcellent/discourse-allowiframe/blob/master/plugin.rb
# https://github.com/TheBunyip/discourse-allow-same-origin/blob/master/plugin.rb
Rails.application.config.action_dispatch.default_headers.merge!({'X-Frame-Options' => 'ALLOWALL'})

Julian_Somoza · August 17, 2018, 1:46pm

Thanks Jack! I was forked and uploaded a plugin on github in case of someone need it…

https://github.com/somoza/discourse-xorigin/blob/master/plugin.rb

Julian_Somoza · August 21, 2018, 5:32pm

There is a new challenge now, inside the iframe appear an “You were logged out.” modal… I’m researching for solve this…

codinghorror · August 21, 2018, 8:33pm

We do say this is unsupported for a reason.

Julian_Somoza · August 22, 2018, 1:02pm

And the reason is…?

jack2 · August 22, 2018, 1:28pm

@Julian_Somoza, the Discourse team promotes an opinionated way of using Discourse and will not support alternatives. Additionally, they always reminds people of that fact.

That being said, I’m not from the Discourse team, so I can discuss your issue I use Discourse in an iframe for my project and never got the “You were logged out” modal.

Julian_Somoza · August 22, 2018, 1:51pm

And you just overrided the X-Frame-Options header or you did something else? We use Zimbra and want to put the Discourse inside a Zimlet…

jack2 · August 22, 2018, 2:08pm

I overrided The X-Frame-Options header.
I also set same site cookies do Disabled in the settings, but I don’t remember why and if it is required.

Topic		Replies	Views
Cannot get embedding to work Support	11	2407	August 31, 2021
Whitelist, allowed iframe Feature	11	6449	September 27, 2018
Discourse Comment Embed to Support Google AMP? Feature	17	2871	September 8, 2019
Support embedding Discourse in an iframe Feature embedding	15	7716	April 19, 2024
Discourse-webpack: A boilerplate for developing JS-heavy Discourse components Dev	3	1857	January 13, 2022

Discourse not shown in iframe

Related topics