Webstudio
Log in

Join the Webstudio community

Updated 3 months ago

Unable to put a Webstudio site within an iFrame on Webstudio

At a glance

The community member has set up a testing environment at https://iframe-lfs9b.wstd.io/ and is unable to add an iFrame with the source set to another Webstudio website due to a specific use case. The community members discuss potential workarounds, such as self-hosting, adding a proxy worker in Cloudflare to set the content-security-policy header, and setting up a worker to add a password to the website and display it within an iFrame. However, there is no explicitly marked answer in the comments.

Useful resources
MMrShrek
Β·
I have set it up here for testing - https://iframe-lfs9b.wstd.io/

There is a very specific use case where it would have to be inside an iFrame. I am unable to add an iFrame with the source set to another Webstudio website.
O
M
10 comments
OOleg Isonen
Just recently implemented protection against clickjacking
OOleg Isonen
An option to enable embedding in specific sites needs to be added yet https://github.com/webstudio-is/webstudio/issues/4748
MMrShrek
Got it
MMrShrek
I am assuming there is no short term workaround to this?
OOleg Isonen
self-hosting
MMrShrek
That's a bummer πŸ˜”
OOleg Isonen
another option could be adding your proxy worker in cloudflare and set the header there, technically it should be only a few lines of code
MMrShrek
I actually was working on setting up a worker to add a password to the website and then display it within an iFrame when I ran into this -
Here is the code: https://jsfiddle.net/7s4zt2hb/
MMrShrek
Conceptually this would be the visual layout
OOleg Isonen
Yeah, so you would need the worker in any case, all you need is to set the content-security-policy header, currently its "frame-ancestors 'self'" - which means no emebeddings, but you can either enable embeddings for all sites or define the specific parent url
Add a reply
Sign up and join the conversation on Discord