Community Tip - Want the oppurtunity to discuss enhancements to PTC products? Join a working group! X
Hello,
I want to embed in another website a mashup as iframe.
I have done the configuration like explained in the help :
In the filter "ClickjackFilterWhiteList", I have added domain : http://aa.bb.fr
But it's not working...
With Postman, when I do a get on my url:
http://xxx/Thingworx/Mashups/TEST_VIEW?appKey=xxx&x-thingworx-session=true
I can see the headers:
Content-Security-Policy : frame-src http://aa.bb.fr
Content-Security-Policy : frame-ancestors http://aa.bb.fr
X-Frame-Options : ALLOW-FROM http://aa.bb.fr
So, I guess my config in web.xml is ok.
In the browser, when I enter my url :
http://xxx/Thingworx/Mashups/TEST_VIEW?appKey=xxx&x-thingworx-session=true
The page load but is redirect to url :
http://xxx/Thingworx/Runtime/index.html#mashup=TEST_VIEW&appKey=xxx&x-thingworx-session=true
I can see in the console that CSP (content-security-policy) are not set here. Just the default :
Hi,
thanks for the link. We did several tests but not this one.
The project is paused but I will try to do this test later.
Hi @Ju
Did you get a chance to check the article previously provided? If if helped to solve your issue, please mark the appropriate response as the Accepted Solution for the benefit of others with the same issue.
Regards.
--Sharon
For information, a colleague tried it, it doesn't work.
Regards
Hi @Ju
Are you getting any errors? Have you tried running Dev tools (F12) in Chrome to track down the cause of the issue?
Regards.
--Sharon