Why does the Embedded Web App show a blank page?
There are usually two possible reasons for the Embedded WebApp to be showing a blank page:
Most current browsers block mixed content for security reasons. What this means is that the webpage you are on is on HTTPS and the page being loaded in the iframe is HTTP. To fix this problem, you can either configure your browser to allow mixed content or use HTTPS for both urls.
For security reasons, some sites do not allow the page to be loaded in an iframe, which is what the Embedded Web App uses. Many Web Applications protect themselves from a vulnerability called “Clickjacking” by adding X-Frame-Options in the Header to prevent that Web Application from being hosted in an iFrame. Clickjacking is where a hacker puts up a website that simply wraps the entire targeted Web Application in an iFrame, so that they can intercept the keys being pressed. It is in this way that they can steal the User’s account information and/or anything they enter into the targeted Web Application. Current browsers do support an ALLOW-FROM X-Frame-Option that would allow saying that the Web Application can be loaded in an iFrame, but only when in a different Web Application (like the Finesse Desktop).
You can see if the site is allowed in an iframe by using this iframe checker.
Comments
2 comments
Hello
Even my link being https Firefox is blocking 3rdparty embedded gadget. I try with https://www.cisco.com what happens the same error.
Does anyone have the same problem and managed to solve it?
Finesse version 11.6
Thank you
Hi Eduardo,
https://www.cisco.com doesn't allow being loaded in an iframe. I usually like to use https://www.bing.com.
Thanx,
Denise
Please sign in to leave a comment.