Adobe Experience Manager Sites & More

viveksachdeva · 9:07:14 AM

Hi,

I have a chatbot which I need to embed in on my page using iframe. The chatbot is hosted on a different domain. Whenever I embed it using iframe, I am getting error : "Refused to display ... in a frame because it set 'X-Frame-Options' to 'deny'."

I tried setting X frame policy in Sling Main Servlet to Allow from this domain but it shows "'ALLOW-FROM' is not a recognized directive. The header will be ignored."

Any suggestions on how I can achieve this?

Thanks in advance

BrianKasingli · 4:44:27 PM

Hello there,

It seems like it may be a problem with the chat bot itself. Check the response headers for:

Content Security Policy (CSP) frame-ancestors directive
X-Frame-Options

Do they allow the use for iframe for consumption?

AEM pages should be able to display iframes without much configuration, but from experience, it’s not a good practice to use iframes on your webpages because ow security issues.
You can start with a simple <iframe> that refers to https://google.com to validate that no AEM configuration is required.

원본 게시물의 솔루션 보기

BrianKasingli · 4:44:27 PM

Hello there,

It seems like it may be a problem with the chat bot itself. Check the response headers for:

Content Security Policy (CSP) frame-ancestors directive
X-Frame-Options

Do they allow the use for iframe for consumption?

AEM pages should be able to display iframes without much configuration, but from experience, it’s not a good practice to use iframes on your webpages because ow security issues.
You can start with a simple <iframe> that refers to https://google.com to validate that no AEM configuration is required.

Adobe Experience Manager Sites & More

Not able to embed iframe from different domain

학습

기술 문서

이벤트

커뮤니티

고객 지원

리소스

Adobe 계정

Adobe