Requirement:
I own a website which is hosted on server "A" and I would like to insert a CDE dashboard from my pentaho server "B" as an Iframe on one of the sites pages.
Problem:
When the page on server "A" loads I can see the CDE Dashboard but none of the components load (just the Images and static "stuff").
Error:
When using chrome's javascript console (FireBug for Firefox) I get the following:
Uncaught SecurityError: Blocked a frame with origin "B" from accessing a frame with origin "A". Protocols, domains, and ports must match.
Research:
Looking into the error I found that it has to do with the Cross Domain Security guidelines that disable Javascript (scripting in general) from one domain/protocol/port to be executed on another domain/protocol/port therefore preventing the CDE Dashboard to load correctly since it uses Javascript to generate various components/parameters/etc.
Already Did:
1. Put "header always append x-frame-options GOFORIT" on the apaches httpd.conf
2. Put "header always append x-frame-options ALLOW-FROM http://mysite.site.com" on the apaches httpd.conf
3. Put "header always append Access-Control-Allow-Origin "*"" on the apaches httpd.conf
But none worked. I'm getting the same error.
Something that kinda worked:
I was able to point the Iframe to one of the webdetails CDE demo dashboards and that worked just fine.
My final question is what is different in the webdetails security configuration that I need to adjust in my Apache/Tomacat/Pentaho Server to be able to run my CDE dashboards through a external Iframe?
Thanks,
I own a website which is hosted on server "A" and I would like to insert a CDE dashboard from my pentaho server "B" as an Iframe on one of the sites pages.
Problem:
When the page on server "A" loads I can see the CDE Dashboard but none of the components load (just the Images and static "stuff").
Error:
When using chrome's javascript console (FireBug for Firefox) I get the following:
Uncaught SecurityError: Blocked a frame with origin "B" from accessing a frame with origin "A". Protocols, domains, and ports must match.
Research:
Looking into the error I found that it has to do with the Cross Domain Security guidelines that disable Javascript (scripting in general) from one domain/protocol/port to be executed on another domain/protocol/port therefore preventing the CDE Dashboard to load correctly since it uses Javascript to generate various components/parameters/etc.
Already Did:
1. Put "header always append x-frame-options GOFORIT" on the apaches httpd.conf
2. Put "header always append x-frame-options ALLOW-FROM http://mysite.site.com" on the apaches httpd.conf
3. Put "header always append Access-Control-Allow-Origin "*"" on the apaches httpd.conf
But none worked. I'm getting the same error.
Something that kinda worked:
I was able to point the Iframe to one of the webdetails CDE demo dashboards and that worked just fine.
My final question is what is different in the webdetails security configuration that I need to adjust in my Apache/Tomacat/Pentaho Server to be able to run my CDE dashboards through a external Iframe?
Thanks,