Why is an embedded dashboard in iframe not working...

fralcalde · ‎10-23-2020

Hello,
We have a simple XML dashboard in our splunk implementation which works fine when browsing splunk web.
We embedded this dashboard in another web through an iframe like follows:

<iframe src="https://Splunk-Server:8000/account/insecurelogin?username=USER&password=PASWROD&return_to=/app/My-App/Dashboard-to-embed"></iframe>

This works fine on firefox, but chrome doesn't load it.
We suspect that chrome is blocking the iframe contents because it won't load splunk's cookies in a third-party web-page, as per this article: https://blog.heroku.com/chrome-changes-samesite-cookie

In short, we don't know how to configure splunk's cookie flags to allow them being loaded cross-domain. (SameSite=None, Secure)
Or really, if this is the problem at all...
We would apreciate any help you can provide. Thank you.

lucasgraf · ‎02-10-2022

I know this is an old post, but did you ever figure out how to get this to work? I am having the same problem.

fralcalde · ‎02-10-2022

@lucasgraf
It's been very long and my memory may be wrong but I think what solved this were some simple configurations in the web.conf file.
$SPLUNK_HOME/etc/system/local/web.conf:

[settings]
x_frame_options_sameorigin = false
verifyCookiesWorkDuringLogin = false
dashboard_html_allowed_domains = XXX.XXX.XXX.XXX,*.your-domain.com

Where XXX.XXX.XXX.XXX is some IP. It accepts wildcards.
I recommend you take a look at the docs about these settings before taking my word for it.
https://docs.splunk.com/Documentation/Splunk/8.2.4/Admin/Webconf

Hope I was able to help. Good Luck.

Why is an embedded dashboard in iframe not working for Chrome?

other

simple XML

Splunk Security Content for Threat Detection & Response, Q1 Roundup

Splunk Life | Happy Pride Month!

SplunkTrust | Where Are They Now - Michael Uschmann