IFrame

The iFrame element can be used to display files from the server or external web pages in the forms.

images/download/attachments/189438898/image2018-7-5_16_38_42-version-1-modificationdate-1732178909718-api-v2.png


In order for a file to be displayed by the server, it must first be uploaded to the 'web' folder via the file manager.

images/download/attachments/189438898/image2018-7-5_16_41_8-version-1-modificationdate-1732178909716-api-v2.png


An external URL can be included using a fully qualified address.

images/download/attachments/189438898/image-2024-11-21_9-50-0-version-1-modificationdate-1732179000735-api-v2.png

There is also the possibility to prefix only a //. Make sure that the protocol of the page being called is automatically used by the calling page.

Likewise, it is necessary that the page being called allows for iFrame integration and does not actively block it as, for example, Google.

images/download/attachments/189438898/image2018-7-13_16_47_40-version-1-modificationdate-1732178909721-api-v2.png

This blocking can be recognized by the X-frame-options in the 'Response Header' of a web page.


The use of DENY prevents not only frame embedding of foreign pages but also embedding on the same source website.

Alternatively, the SAMEORIGIN value can be used if utilization is permitted within the same source website.

  • DENY

The page cannot be embedded in a frame, regardless of the calling web page.

  • SAMEORIGIN

The page can only be embedded as a frame if both come from the same source page (same origin).

  • ALLOW-FROM uri

The page can be embedded only if the embedding page is from uri source.