For security reasons, we do not recommend this option. 3 frameborder0 allowaccelerometer autoplay encrypted-media. On the Site settings page, under Site Collection Administration, click HTML Field Security.ĭon't allow contributors to insert iframes from external domains to disallow the use of iFrames for all sites in the site collection.Īllow contributors to insert iframes from any domain to allow the use of iFrames for all sites in the site collection and to allow data from any external website to be displayed in the iFrame. You can choose between an HTML iFrame where you enter a code snippet, or Embed a Site. If you don't see Site settings, click Site information and then click View all site settings. Here's how:īrowse to the root site of your site collection.Ĭlick Settings, click Site Settings. Attribute Values allow-same-origin, Allows the iframe content to be treated as being from the same origin allow-scripts, Allows to run scripts allow-top. Site collection admins can turn off embedding content, allow embedding content from a specific list of sites, or allow embedding from any site by changing the HTML Field Security setting in site settings. Bug 182638 - Iframe allow'geolocation microphone camera midi encrypted-media ' Attachments Add an attachment (proposed patch, testcase, etc.) Note You need to log in before you can comment on or make changes to this bug. If they don't let contributors embed content, users who try to do so will see an error message that says, “Embedding content from this website isn't allowed.” Site level settings I have tried to use frame-src but it is not. It says that : Unknown directive 'frame-ancestors' in Content-Security-Policy - directive will be ignored. It has worked very well in Chrome and Firefox. Site collection administrators control whether users can embed content from external websites using the embed web part. Allow contributors to insert iframes from any domain to allow the use of iFrames for all sites in the site collection and to allow data from any external website to be displayed in the iFrame. I have an ASP.Net MVC application (named ) that allow another domain (named ) to load it in an iframe.
0 Comments
Leave a Reply. |