Iframe onebox has stopped working

(David Taylor) #1

I’ve set up one of our organisation’s systems to provide a onebox using this HTML tag

As an example: on the page https://domain.here/2345, I have this tag:

<link rel="alternate" type="application/json+oembed" href="https://domain.here/2345/oembed_json/" title="Onebox Embed">

https://domain.here/2345/oembed_json/ then provides

{"version": "1.0", "type": "rich", "html": "\u003ciframe src=\"https://domain.here/2345/embed/\" frameborder=\"0\" width=\"100%\" height=\"250\"\u003e\u003c/iframe\u003e"}

This used to work great, but has stopped working in the last few weeks (not sure exactly when). Currently on the latest version of Discourse, and I can reproduce the issue on meta. Oembed shows up fine on Iframely URL Debugger - Open Graph, Twitter Cards, oEmbed

I’d rather not make the URL to the actual system public, but can PM it to someone if that would help.

(Régis Hanol) #2

Any chances you could share one example? Even via a PM is fine.

(David Taylor) #3

I’ve setup a very simple example which displays the same issue. This URL should be oneboxing and becoming an iframe:



Works fine on the iframely debug tool and used to work fine on Discourse until about a month ago. Any ideas on what I can do to get this working again?

	<title>Test Page to be embedded</title>
	<link rel="alternate" type="application/json+oembed" href="http://discourse-test.taylorhq.co.uk/oembed_json.json" title="Embed JSON">
    This is a web page which has an application/json+oembed tag linking to <a href="http://discourse-  test.taylorhq.co.uk/oembed_json.json">Here</a>
   "html":"\u003ciframe src=\"http://discourse-test.taylorhq.co.uk/embed.html\" frameborder=\"0\" width=\"100%\" height=\"250\"\u003e\u003c/iframe\u003e",
	<title>Test Page</title>
This is the page that should be displayed in the iframe

(Jeff Atwood) #4

I don’t think we support arbitrary embeds like that. The proper opengraph or oembed should have title, summary, image etc fields.

(David Taylor) #5

There are references to “rich” embeds with iframes in the “generic” onebox:

I believe the “whitelist” got removed fairly recently… could that be the issue? My site is no longer whitelisted?

(Mittineague) #6

I don’t think so. AFAIK the approach was changed from “don’t onebox unless whitelisted” to "onebox all the things unless blacklisted"
Conditional upon the “thing” being oneboxable of course.

(David Taylor) #7

I’ve finally tracked down the cause of this. It broke on 6th Jan, after this commit by @zogstrip

My iframe already has a fixed height, defined in pixels like this

<iframe src="http://discourse-test.taylorhq.co.uk/embed.html" frameborder="0" width="100%" height="250"> </iframe>

The commit above added checks that data[:height] exists before accepting a ‘rich’ onebox… however, it’s not pulling that height from the parsed HTML, it’s trying to get it from the oembed JSON file. @zogstrip is this expected behaviour? Should I be defining the height of the iframe in the oembed JSON?