Forum Discussion
CA_Valli
MVP
MVPApplying APM on an iframe
Hello everyone, I'm having this issue where APM-protected content fails to start APM session if called from an iFrame. The access session starts at client request time as expected, and I can see t...
So we did some more testing, and this is not going to work.
We've worked with support and experimented with iRules to insert additional headers and cookies into the response, but the behaviour of CORS is that these are always going to be removed. And because APM relies heavily on cookies to function, it does mean that accessing APM-protected content from an iFrame will fail to work.
CA_ValliMVP
MVPSo we did some more testing, and this is not going to work.
We've worked with support and experimented with iRules to insert additional headers and cookies into the response, but the behaviour of CORS is that these are always going to be removed. And because APM relies heavily on cookies to function, it does mean that accessing APM-protected content from an iFrame will fail to work.
- AubreyKingF5
Moderator
Sorry about this! One thing.. and sorry I didn't see this until now.. one-connect on the VIP. Did support have you try this?
- CA_Valli
Hello Aubrey, thanks for your input.
We haven't tried Oneconnect, but since APM is in place and we're getting errors at authentication time, the BIG-IP never really forwards these packets to back-end anyways.- AubreyKingF5
Did support give any idea on whether or not a fix for this was on the horizon in code release?
