Hi guys,
We’re firewalled off the internet, like the Disney/TPN rules require. Shotgun goes through the firewall. We have some local services like our wiki, that do not go through the firewall. We want to embed our wiki in shotgun pages using the URL widget, but we have problems with that - enabling its iframe embed settings is not enough to get it working.
Thanks
Hey Hristo!
Does your wiki happen to be Confluence? Certain services like that actively block iframe embedding. For Confluence, at least, there are some workarounds available:
https://confluence.atlassian.com/confkb/confluence-page-does-not-display-in-an-iframe-827335781.html
Depending on what you’re trying to embed, you may have more/fewer options.
Hi,
It happens to be mediawiki, and we’ve set these embed params, but no luck yet:
Roger that, Hristo. If you open up the browser console when you try to embed, are there any Javascript errors there? They may provide a clue as to what it’s getting hung up on.
We’re seeing an error saying x-frame-options is set to ‘deny’ although we’ve set it to ‘sameorigin’, which is weird
That error seems like the wiki is still actively blocking the embedding. If you try putting a 3rd party site in the URL widget that doesn’t block embedding, do you get the same behavior or does it show up?
Yes seems so - I’ll check with another of our locally hosted services Monday
Hi,
I’ve checked with our Grafana and Kibana, and they work
Thanks for the added test, Hristo. It sounds like there may be some lingering setting or pref in MediaWiki. If you’ve already done what they recommended in the article you linked earlier you may need to contact their team to see what else could be blocking the embed.
Ok, mailed their support, thanks!
The iframe will not work if you mix https/http. If your Shotgun website uses https, make sure your wiki is accessed through https as well.
Andriy.
Thanks, we have the wiki via https, but it’s still not working
Latest we found is that Chrome is blocking iframe explicitly, so that avenue seems closed. It’s an old and unsecure tech anyways, would be great if there’s an updated solution
We’re considering something similar. I’m curious how you were intending to secure access to the wiki? Require a separate wiki login? HTTP referrer (not very secure)? Other?
We are hosting it on the internal network, and it would only be accessible from there. As should Shotgun, btw, with all the proxy renders there and people logging from anywhere - whitelisting logging IPs should not be an extra, but a basic security option.