Dashboards & Visualizations

Embed an external webpage with login to splunk dashboard

meenu_2017
New Member

I'm checking to see if i can embed an external web page which requires a login to the splunk dashboard.
I'm able to add the web page to a panel using iframe, but it is not letting me log in. Any idea what might be happening?
I otherwise have access to the external website.

Labels (1)
0 Karma
1 Solution

DavidHourani
Super Champion

Hi @meenu_2017,

On the iframe subject, which browser are you using ? Have you tried running the same page on a different browser ?

Could be a security feature on the client side blocking your access. It could also be from the server side .. harder to bypass if you're not managing the website.

iframe could be a risk for clickjacking and here are the security methods commonly used :
Client-side methods – the most common is called Frame Busting. Client-side methods can be effective in some cases, but are considered not to be a best practice, because they can be easily bypassed.
Server-side methods – the most common is X-Frame-Options. Server-side methods are recommended by security experts as an effective way to defend against clickjacking.

If embedding a website on your webpage can be bypassed then it's probably better to simply add a link to your website somewhere on the page .

Cheers,
David

View solution in original post

0 Karma

DavidHourani
Super Champion

Hi @meenu_2017,

On the iframe subject, which browser are you using ? Have you tried running the same page on a different browser ?

Could be a security feature on the client side blocking your access. It could also be from the server side .. harder to bypass if you're not managing the website.

iframe could be a risk for clickjacking and here are the security methods commonly used :
Client-side methods – the most common is called Frame Busting. Client-side methods can be effective in some cases, but are considered not to be a best practice, because they can be easily bypassed.
Server-side methods – the most common is X-Frame-Options. Server-side methods are recommended by security experts as an effective way to defend against clickjacking.

If embedding a website on your webpage can be bypassed then it's probably better to simply add a link to your website somewhere on the page .

Cheers,
David

View solution in original post

0 Karma

meenu_2017
New Member

To answer your question,David I did try on a different browser and didnot work there either. So i think its a security feature for the website.
But thanks for the details.

[Updated the comment for clarity]

0 Karma

DavidHourani
Super Champion

Great to hear !

0 Karma
.conf21 Now Fully Virtual!
Register for FREE Today!

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!