Looking for a way to override the default Rails behavior of prohibiting display within an iFrame.
Having little knowledge of Rails, have tried adding the following to config/application.rb and in config/environments for development or production:
config.action_dispatch.default_headers = {‘X-Frame-Options’ => ‘ALLOWALL’}
This has worked in other Rails deployments, but not it seems for Dradis.
Is there a way of configuring this?
xavi
December 29, 2017, 7:34am
2
What you said seems the way to go to achieve this.
Also make sure to try it in a incognito window so the browser cache does not bother you, as mentioned here: responsive design - Cannot display my rails 4 app in iframe even if 'X-Frame-Options' is 'ALLOWALL' - Stack Overflow
If that doesn’t help, please try the second solution on that same thread: responsive design - Cannot display my rails 4 app in iframe even if 'X-Frame-Options' is 'ALLOWALL' - Stack Overflow
Thanks for help. It looks like the second solution might be the one, but just not sure where to include this block in the Dradis framework.
class MyController < ApplicationController
def iframe_action
response.headers.delete “X-Frame-Options”
render_something
end
end
Should this go in the application.rb file?
xavi
January 10, 2018, 6:32am
4
That should be app/controllers/application_controller.rb
I think you have to use an after_filter
or before_filter
, since it is not a single action that you want in the iframe, it’s the whole app.