Dashboards & Visualizations

Splunk 6.5.0: Why is an embedded iframe in my dashboard not displaying?

jackhamm25
Explorer

I'm having trouble getting this working in 6.5.0. I used this exact snippet from another question about iframes where they did get it working:

<dashboard>
  <label>Test</label>
    <row>
     <html>
     <h2>Embedded Web Page!</h2>
        <iframe src="http://www.splunk.com" width="100%" height="300" style="border:none;">></iframe>
     </html>
   </row>
</dashboard>

But what I see is:

alt text

Any thoughts on why the iframe wouldn't be displaying?

Labels (3)

woodcock
Esteemed Legend

The problem that you are having is that recently Splunk has added some settings to control this type of content and defaulted dashboard_html_allow_embeddable_content to false. In order to get it to work, try enabling these settings in web.conf:

dashboard_html_allow_inline_styles = <boolean>
* Whether or not to allow style attributes from inline HTML elements in dashboards.
* If "false", style attributes from inline HTML elements in dashboards will be removed 
  to prevent potential attacks.
* Default: true

dashboard_html_allow_embeddable_content = <boolean>
* Whether or not to allow <embed> and <iframe> HTML elements in dashboards.
* If set to "true", <embed> and <iframe> HTML elements in dashboards will not be removed 
  and can lead to a potential security risk.
* If set to the default value of "false", <embed> and <iframe> HTML elements will be stripped
  from the dashboard HTML.
* Default: false

dashboard_html_wrap_embed = <boolean>
* Whether or not to wrap <embed> HTML elements in dashboards with an <iframe>.
* If set to "false", <embed> HTML elements in dashboards will not be wrapped, leading to
  a potential security risk.
* If set to "true", <embed> HTML elements will be wrapped by an <iframe sandbox> element to help
  mitigate potential security risks.
* Default: true

dashboard_html_allow_iframes = <boolean>
* Whether or not to allow iframes from HTML elements in dashboards.
* If "false", iframes from HTML elements in dashboards will be removed to prevent
  potential attacks.
* Default: true
0 Karma

vikashperiwal
Path Finder

I tried this in Splunk 8.0.6, but that did not work, I change this in system/local/web.conf n server.conf and also app/lical

0 Karma

TheFlash
Path Finder

try this, in your web.conf add these 

[settings]

dashboard_html_allow_embeddable_content = true 

dashboard_html_allowed_domains = <domain-name> (for. eg--> *.youtube.com)

Tags (1)
0 Karma

vikashperiwal
Path Finder

Tried this , but no luck.....I see same error x-frame-options set to sameorigin 

 

It's splunk 8.0.6

0 Karma

TheFlash
Path Finder

can you please share the code, which you are trying 

0 Karma

vikashperiwal
Path Finder

 

This is something I tried

Web.conf--

 

dashboard_html_allow_inline_styles = true

 

dashboard_html_allow_embeddable_content= true

 

dashboard_html_allow_embeddable_content=true

 

dashboard_html_wrap_embed=true

 

 dashboard_html_allow_iframes=true

 

dashboard_html_allowed_domains = https://youtube.com

0 Karma

TheFlash
Path Finder

replace "https://youtube.com" with  *.youtube.com
It should work then

0 Karma

vikashperiwal
Path Finder

did not make any difference, I know this was work when doing this in splunk 8.1 but my splunk 8.0.6, it's still shown 

X-frame-options to sameorigin

0 Karma

TheFlash
Path Finder

did you try setting this to 'false' in web.conf ? 

x_frame_options_sameorigin = <boolean>
* adds a X-Frame-Options header set to "SAMEORIGIN" to every response served
* by cherrypy
* Default: true

 

0 Karma

vikashperiwal
Path Finder

Yes I tried that as well..

One curious thing....I see few of the example working fine like -https://intellectualpoint.com ...but when tried for https://tableau.com that did not work and I see same errror

0 Karma

worshamn
Contributor

I was having the same issue and I opened a support ticket with Splunk. iframe does work in 6.5.x but in the example (which has an extra ">") it is using http://www.splunk.com in which Splunk's support informed me prevents anyone from embedding their website inside an iframe (google does the same as well). There is a useful site to help see if a site allows being embedded in an iframe (which is related to "X-Frame-Options" header but apparently not the only way to stop it):
http://www.tinywebgallery.com/blog/advanced-iframe/free-iframe-checker
Try this code instead:

<dashboard>
  <row>
     <panel> 
        <title>Test iframe</title> 
        <html>
          <iframe src="https://www.cloudera.com" width="100%" height="300" style="border:none;"></iframe>
        </html>
      </panel>
  </row>
</dashboard>
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...