Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Kibana 6.7+ does not support embedding kibana dashboard in iframe? #39142

Closed
guot626 opened this issue Jun 18, 2019 · 5 comments
Closed

Kibana 6.7+ does not support embedding kibana dashboard in iframe? #39142

guot626 opened this issue Jun 18, 2019 · 5 comments
Assignees
@kobelb
Labels
Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!

Comments

@guot626
Copy link

guot626 commented Jun 18, 2019

I have a plugin,it wants to embed kibana dashboard in iframe form, but now there are the following problems. Doesn't kibana6.7+ support embedding kibana dashboard in iframe form?Is there any solution to this problem?There is no problem with this plugin in 6.4 and 6.5. @epixa
thank you!
image
image
@timroes timroes added Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! triage_needed labels Jun 18, 2019
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security

@timroes
Copy link
Contributor

timroes commented Jun 18, 2019

Thanks for the report. Since the error message is cut off, could you perhaps also copy the text of it into the issue description (feel free to strip the domain part also there).

@kobelb kobelb self-assigned this Jun 18, 2019
@kobelb
Copy link
Contributor

kobelb commented Jun 18, 2019
edited
Loading

Hey @guot626, if I understand correctly you have a plugin for Kibana which is using an iframe to render a specific dashboard or saved search? If so, you'll want to set the nonce attribute of the iframe based on the window.__kbnNonce__ like we do here

@guot626
Copy link
Author

guot626 commented Jun 19, 2019

@timroes Thanks for your reply.the issue description :Refused to frame 'http://localhost:5601/app/kibana#/dashboard/d2a251f0-3bea-11e9-9a8e-a1b07cfe62fe?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A10000)%2Ctime%3A(from%3Anow%2Fw%2Cmode%3Aquick%2Cto%3Anow%2Fw))' because it violates the following Content Security Policy directive: "child-src blob:". Note that 'frame-src' was not explicitly set, so 'child-src' is used as a fallback.

@kobelb
Copy link
Contributor

kobelb commented Jun 20, 2019

Closing this issue, the solution has been provided in #39142 (comment)

@kobelb kobelb closed this as completed Jun 20, 2019
@kobelb kobelb mentioned this issue Aug 1, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kobelb kobelb

Labels
Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@kobelb @timroes @LeeDr @elasticmachine @guot626