Splunk 5.0.5 upgrade stopping iFrames from working??

watsm10
Communicator

Hi all,

I have an iFrame which is embedded in my own website hosted by Sharepoint. All was working fine until I upgraded from 5.0.4 to 5.0.5. The iFrame shows the following error:

I've had a look around and found this is due to X-Frame-Options SAMEORIGIN which is something to do with blocking iFrames from being embedded.

I have tried this in all browsers and am getting the same problem each time.

Any ideas how to overcome this?

1 Solution

hexx
Splunk Employee

In 5.0.5 and 6.0, as part of a security-related fix (reference SPL-65987) we disabled the ability to insecurely embed content on a remote site by default.

To restore this capability, you now need to make an explicit change in web.conf to the x_frame_options_sameorigin parameter and set it to False:

x_frame_options_sameorigin = [True | False]
    * adds a X-Frame-Options header set to "SAMEORIGIN" to every response served by cherrypy
    * Defaults to True

piebob
Splunk Employee

A change was made in 5.0.5 and later versions to improve security and prevent clickjacking issues; this is what you're running into.

To implement this change, we set X-FRAME-OPTIONS=SAMEORIGIN in the header for all cherrypy served pages. This means that you can only iframe in pages coming from the same site.

We added a new web.conf setting: x_frame_options_sameorigin = [True | False] which defaults to True.

If you set this to False, your iframing will work again.
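
An added example (not written by anyone in this thread, and not Splunk code): a small audit that reads layered web.conf contents and reports whether the x_frame_options_sameorigin setting described above is still in effect, so that instances where the clickjacking protection was switched off can be found and reviewed. The sample file contents, the layer labels, the [settings] stanza lookup, the "later layer overrides earlier" ordering and the accepted boolean spellings are assumptions of this example.

```python
import configparser

KEY = "x_frame_options_sameorigin"
# Boolean spellings accepted here are an assumption, not taken from the thread.
TRUE_VALUES = {"1", "true"}
FALSE_VALUES = {"0", "false"}

# Constructed sample web.conf contents (not from a real deployment).
DEFAULT_CONF = """
[settings]
httpport = 8000
x_frame_options_sameorigin = True
"""
LOCAL_CONF = """
[settings]
# embedding re-enabled for an intranet portal
x_frame_options_sameorigin = False
"""

def effective_setting(layers):
    """layers: list of (label, conf_text), lowest precedence first.
    Returns (value, source); value is True, False, or None if unrecognised.
    With no explicit setting the default is True, as stated in the thread."""
    value, source = True, "built-in default"
    for label, text in layers:
        cp = configparser.ConfigParser(strict=False, interpolation=None)
        cp.read_string(text)
        if cp.has_option("settings", KEY):
            raw = cp.get("settings", KEY).strip().lower()
            value = True if raw in TRUE_VALUES else False if raw in FALSE_VALUES else None
            source = label  # a later layer overrides an earlier one
    return value, source

def audit(layers):
    """Turn the effective value into a one-line finding for a report."""
    value, source = effective_setting(layers)
    if value is True:
        return f"OK: X-Frame-Options: SAMEORIGIN is sent ({source})"
    if value is False:
        return f"FINDING: X-Frame-Options header disabled by {source}"
    return f"REVIEW: unrecognised value for {KEY} in {source}"

if __name__ == "__main__":
    print(audit([("system/default", DEFAULT_CONF)]))
    print(audit([("system/default", DEFAULT_CONF), ("system/local", LOCAL_CONF)]))
```
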

ChrisG
Splunk Employee
0 Karma

yumlu
Engager

Hi dannux,
I have the same problem with 6.0. Can you let me know after your case is closed?
Thanks

0 Karma

watsm10
Communicator

Thank you. I would be very grateful.

0 Karma

dannux
Path Finder

I have the same problem and I have a case open with Splunk support. I will post any information as soon as I have an answer from them.

0 Karma