Display a Kentico page per iframe on a different website

Daniel Weiß asked on July 22, 2021 00:37

How do you enable a Kentico Page to be displayed as an iframe on a different website.

We are currently running Kentico Xperience 13 with ASP.Net Core and need to allow forms (more precisely pages containing nothing but forms) to be displayed in an iframe on a website which has no connection to the Kentico ecosystem.

As far as I have found these links I took into consideration:

But as a result neither CMSEnableClickjackingProtection nor CMSXFrameOptionsExcluded do the trick for me when I set them in the applicationsettings.json.

Correct Answer

Brenden Kehren answered on July 22, 2021 06:59

The site hosting the iframe needs to have the headers modified or allow the site you want to display the form on within it's header. Then you can create a simple widget that has a text input and allow a user to simply copy and paste the iframe code and output it to the site.

0 votesVote for this answer Unmark Correct answer

Recent Answers

Sean Wright answered on August 14, 2021 19:51

If you are using ASP.NET Core then none of the links you provided will be relevant.

The first link is for Portal Engine, which is not supported in Kentico Xperience 13 The second link is for Preview Mode only, which is not what is used when normally visiting a page on the site (whether it is in an iframe or not). The third link also details a setting that is relevant to Preview mode only:

When set to false, the key disables the Content Security Policy (CSP) headers that specify the frame-ancestors policy for the HTTP responses of preview mode requests.

Kentico Xperience doesn't apply any CSP headers to non-preview page responses by default (this can be changed by adding them with ASP.NET Core middleware)

Like Brenden mentioned, there is another place that iframe embedding can be prevented and that is in the application hosting the iframe. You will need to make sure it doesn't have CSP headers that are interfering with embedding the Kentico Xperience site.

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.