Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk 5.0.5 upgrade stopping iFrames from working??

watsm10
Communicator
‎09-26-2013 03:44 AM

Hi all,

I have an iFrame which is embedded in my own website hosted by Sharepoint. All was working fine until I upgraded from 5.0.4 to 5.0.5. The iFrame shows the following error:

alt text

I've had a look around and found this is due to X-Frame-Options SAMEORIGIN which is something to do with blocking iFrames from being embedded.

I have tried this in all browsers and am getting the same problem each time.

Any ideas how to overcome this?

Reply
1 Solution
Solved! Jump to solution
Solution

hexx
Splunk Employee
Splunk Employee
‎10-09-2013 12:49 PM

In 5.0.5 and 6.0, as part of a security-related fix (reference SPL-65987) we disabled the ability to insecurely embed content on a remote site by default.

To restore this capability, you now need to make an explicit change in web.conf to the x_frame_options_sameorigin parameter and set it to False:

x_frame_options_sameorigin = [True | False]
    * adds a X-Frame-Options header set to "SAMEORIGIN" to every response served by cherrypy
    * Defaults to True

View solution in original post

Reply
Solved! Jump to solution

piebob
Splunk Employee
Splunk Employee
‎10-09-2013 12:50 PM

a change was made in 5.0.5 and later versions to improve security and prevent clickjacking issues, this is what you're running into.

to implement this change, we set X-FRAME-OPTIONS=SAMEORIGIN in the header for all cherrypy served pages. this means that you can only iframe in pages coming from the same site.

we added a new web.conf setting: x_frame_options_sameorigin = [True | False] which defaults to True.

if you set this to False, your iframing will work again.

Reply
Solved! Jump to solution
Solution

hexx
Splunk Employee
Splunk Employee
‎10-09-2013 12:49 PM

In 5.0.5 and 6.0, as part of a security-related fix (reference SPL-65987) we disabled the ability to insecurely embed content on a remote site by default.

To restore this capability, you now need to make an explicit change in web.conf to the x_frame_options_sameorigin parameter and set it to False:

x_frame_options_sameorigin = [True | False]
    * adds a X-Frame-Options header set to "SAMEORIGIN" to every response served by cherrypy
    * Defaults to True
Reply
Solved! Jump to solution

ChrisG
Splunk Employee
Splunk Employee
‎10-09-2013 12:29 PM

Link to dannux's original posting: http://answers.splunk.com/answers/104277/iframes-and-views-broken-after-splunk-6-upgrade

0 Karma
Reply
Solved! Jump to solution

yumlu
Engager
‎10-07-2013 08:15 AM

hi dannux,
i have the same problem with 6.0. Can you let me know after your case is closed?
thanks

0 Karma
Reply
Solved! Jump to solution

watsm10
Communicator
‎10-03-2013 01:43 AM

Thank you. I would be very grateful.

0 Karma
Reply
Solved! Jump to solution

dannux
Path Finder
‎10-01-2013 10:53 AM

I have the same problem and I have a case open with Splunk support. I will post any information as soon as I have an answer from them.

0 Karma
Reply
Get Updates on the Splunk Community!

Technical Workshop Series: Splunk Data Management and SPL2 | Register here!

Hey, Splunk Community! Ready to take your data management skills to the next level? Join us for a 3-part ...

Spotting Financial Fraud in the Haystack: A Guide to Behavioral Analytics with Splunk

In today's digital financial ecosystem, security teams face an unprecedented challenge. The sheer volume of ...

Solve Problems Faster with New, Smarter AI and Integrations in Splunk Observability

Solve Problems Faster with New, Smarter AI and Integrations in Splunk Observability As businesses scale ...