NimbostratusThe distant end customer is requesting for iFrame headers for their application via HTTPS. How would I activate iFrame headers with iRules?
Could I have one written out for a specific URL and one that is a generic iFrame header that will allow iFrame if requested?
I honestly am not sure how iFrame even works. I just know the distant end user needs the iFrame headers to come in so that their dashboard application works on firefox. Thank you so much
Hello Drodyc.
The iframes should be constructed in your backend server for being delived to your clients.
After that, you can use them in a different sites using something like this:
<iframe src="https://mydomain.com"></iframe>For security reasons, one browser is not going to display iframes not belonging to the domain requested.
You can control that using one specific HTTP header called 'X-Frame-Options' (see https://developer.mozilla.org/es/docs/Web/HTTP/Headers/X-Frame-Options).
So you can configure your website to allow iframes from 'mydomain.com' using this HTTP header.
X-Frame-Options: ALLOW-FROM https://mydomain.com/This header could be controlled in your backend server o directly in your F5 with an iRule.
when HTTP_RESPONSE {
#X-Frame-Options
HTTP::header insert X-Frame-Options "ALLOW-FROM https://mydomain.com/"
}Regards,
Dario.
NimbostratusIt seems as though our backend server guys would rather us have our BIG-IP to make this work as oppose there servers. I have tried the iRule below. The distant end users reported that it did not work. I used our backend server's URL and our distant end user's URL and both was unsuccessful. Is this iRule below is all I need or am I missing other lines? Should the 1st line be HTTP_RESPONSE or HTTP_REQUEST?
Is it recommended to use this iRule below?
Lastly, do I need to modify a DB value in CLI or is that only for APM? Thank you so much!
MVPI agree with Dario that this seems a job for the Dev Team. F5 has options to modify the content in the server response with Stream profile or HTTP::payload replace but for such a thing it will be complicated:
https://support.f5.com/csp/article/K39394712
https://support.f5.com/csp/article/K7027
https://clouddocs.f5.com/api/irules/STREAM__expression.html
https://clouddocs.f5.com/api/irules/HTTP__payload.html
https://support.f5.com/csp/article/K07535385
NimbostratusIt seems as though our backend server guys would rather us have our BIG-IP to make this work as oppose there servers. I have tried the iRule below. The distant end users reported that it did not work. I used our backend server's URL and our distant end user's URL and both was unsuccessful. Is this iRule below is all I need or am I missing other lines? Should the 1st line be HTTP_RESPONSE or HTTP_REQUEST?
Is it recommended to use this iRule below?
Lastly, do I need to modify a DB value in CLI or is that only for APM? Thank you so much!