Forum Discussion

Icon for Altostratus rank

Altostratus

Nov 07, 2016

Avoiding cross-domain security restrictions

I have a customer who would like to embed an iframe from a Tableau server on a webpage, without getting cross-domain security restrictions. Currently the tableau server resides behind "tableau.p...

application delivery

Icon for Employee rank

Employee

Nov 07, 2016

I will say firstly that, of course, cross-site protections do exist for a very good reason, so the customer should be quite careful about this.

Having said that, the Host header and Request Target can be transparently rewritten as it traverses the BIG-IP. The following recipe explains what this is, how it is done, and provides an example:

iRules Recipe 2: Transparent Request Target Rewriting

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

container ingress services

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5