Skip Navigation
Expand
Allow_from attribute not working in Clickjackprevention widget
Answer ID 9791   |   Last Review Date 01/27/2019

How can I allow my CP page to be displayed in an iframe on a specific site?

Environment

Customer Portal (CP)
Oracle Service Cloud - August 2017

Resolution

When allowing a Customer Portal (CP) page to be displayed in an iframe on a certain site (not on all sites), the standard utils/Clickjackprevention widget has to be customized by adding the "allow_from" attribute to the code.

However, when setting the value for this attribute, one must consider what type of URL is provided as a value.  For instance, a code such as:

 <rn:widget path="utils/ClickjackPrevention" allow_from="https://www.domain.com/test/123" />

will not work.

The value set has to be in the form of "www.domain.com" and the code should look like:

<rn:widget path="utils/ClickjackPrevention" allow_from="www.domain.com" />

Available Languages for this Answer:

Notify Me
The page will refresh upon submission. Any pending input will be lost.