Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk 5.0.5 upgrade stopping iFrames from working??

watsm10
Communicator
‎09-26-2013 03:44 AM

Hi all,

I have an iFrame which is embedded in my own website hosted by Sharepoint. All was working fine until I upgraded from 5.0.4 to 5.0.5. The iFrame shows the following error:

alt text

I've had a look around and found this is due to X-Frame-Options SAMEORIGIN which is something to do with blocking iFrames from being embedded.

I have tried this in all browsers and am getting the same problem each time.

Any ideas how to overcome this?

Reply
1 Solution
Solved! Jump to solution
Solution

hexx
Splunk Employee
Splunk Employee
‎10-09-2013 12:49 PM

In 5.0.5 and 6.0, as part of a security-related fix (reference SPL-65987) we disabled the ability to insecurely embed content on a remote site by default.

To restore this capability, you now need to make an explicit change in web.conf to the x_frame_options_sameorigin parameter and set it to False:

x_frame_options_sameorigin = [True | False]
    * adds a X-Frame-Options header set to "SAMEORIGIN" to every response served by cherrypy
    * Defaults to True

View solution in original post

Reply
Solved! Jump to solution

piebob
Splunk Employee
Splunk Employee
‎10-09-2013 12:50 PM

a change was made in 5.0.5 and later versions to improve security and prevent clickjacking issues, this is what you're running into.

to implement this change, we set X-FRAME-OPTIONS=SAMEORIGIN in the header for all cherrypy served pages. this means that you can only iframe in pages coming from the same site.

we added a new web.conf setting: x_frame_options_sameorigin = [True | False] which defaults to True.

if you set this to False, your iframing will work again.

Reply
Solved! Jump to solution
Solution

hexx
Splunk Employee
Splunk Employee
‎10-09-2013 12:49 PM

In 5.0.5 and 6.0, as part of a security-related fix (reference SPL-65987) we disabled the ability to insecurely embed content on a remote site by default.

To restore this capability, you now need to make an explicit change in web.conf to the x_frame_options_sameorigin parameter and set it to False:

x_frame_options_sameorigin = [True | False]
    * adds a X-Frame-Options header set to "SAMEORIGIN" to every response served by cherrypy
    * Defaults to True
Reply
Solved! Jump to solution

ChrisG
Splunk Employee
Splunk Employee
‎10-09-2013 12:29 PM

Link to dannux's original posting: http://answers.splunk.com/answers/104277/iframes-and-views-broken-after-splunk-6-upgrade

0 Karma
Reply
Solved! Jump to solution

yumlu
Engager
‎10-07-2013 08:15 AM

hi dannux,
i have the same problem with 6.0. Can you let me know after your case is closed?
thanks

0 Karma
Reply
Solved! Jump to solution

watsm10
Communicator
‎10-03-2013 01:43 AM

Thank you. I would be very grateful.

0 Karma
Reply
Solved! Jump to solution

dannux
Path Finder
‎10-01-2013 10:53 AM

I have the same problem and I have a case open with Splunk support. I will post any information as soon as I have an answer from them.

0 Karma
Reply
Get Updates on the Splunk Community!

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

The Transformative Power of AI and ML in Enhancing Observability   In the realm of IT operations, the ...

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...