External Content: Difference between revisions
(306991) |
No edit summary |
||
| (34 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
External Content component shows content from other webpages in dashboards. For example Microsoft Sharepoint or other content management systems can be integrated into QPR ProcessAnalyzer. The External Content component uses the HTML ''iframe'' element to embed the content. | |||
By default, only websites from the same origin than the QPR ProcessAnalyzer server can be embedded. This is due to the Content security policy (CSP) HTTP header (more information: [[QPR_ProcessAnalyzer_Security_Hardening#Added_HTTP_Headers|Security Hardening]]). The CSP HTTP header can be set in the [[Installing_QPR_ProcessAnalyzer_Server#Server_settings_file_(appsettings.json)|appsettings.json file]]. | |||
== | == External Content Component Settings == | ||
Following properties can be set on the Properties tab: | |||
* '''Name''': Name of the External Content component. | |||
* '''Description''': Description for the External Content component. | |||
* '''External content URL''': The URL of the external page you want to embed. You can also use a relative path (e.g. "/examples/test.html"), if the page you want to embed is accessible by the same protocol, host, and port. | |||
== | == Passing Variables in Url== | ||
You can pass context variable values in the iframe url using the variable tags. Example: | |||
'''<nowiki>http(s)://SERVERNAME/ExternalPresentationObjects/ExternalPresentationObject1#variable1=<#variable1>&variable2=<#variable2></nowiki>''' | |||
== Web Browser Security Considerations == | |||
Some websites prevent themselves to be embedded into other websites using iframe. In those cases, the component will be left blank (in Chrome and Firefox) or there may be an error message "This content cannot be displayed in a frame". The way to workaround the issue is to have '''X-Frame-Options''' HTTP response header changed in the embedded website (more information: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options). | |||
Latest revision as of 15:53, 2 December 2024
External Content component shows content from other webpages in dashboards. For example Microsoft Sharepoint or other content management systems can be integrated into QPR ProcessAnalyzer. The External Content component uses the HTML iframe element to embed the content.
By default, only websites from the same origin than the QPR ProcessAnalyzer server can be embedded. This is due to the Content security policy (CSP) HTTP header (more information: Security Hardening). The CSP HTTP header can be set in the appsettings.json file.
External Content Component Settings
Following properties can be set on the Properties tab:
- Name: Name of the External Content component.
- Description: Description for the External Content component.
- External content URL: The URL of the external page you want to embed. You can also use a relative path (e.g. "/examples/test.html"), if the page you want to embed is accessible by the same protocol, host, and port.
Passing Variables in Url
You can pass context variable values in the iframe url using the variable tags. Example:
http(s)://SERVERNAME/ExternalPresentationObjects/ExternalPresentationObject1#variable1=<#variable1>&variable2=<#variable2>
Web Browser Security Considerations
Some websites prevent themselves to be embedded into other websites using iframe. In those cases, the component will be left blank (in Chrome and Firefox) or there may be an error message "This content cannot be displayed in a frame". The way to workaround the issue is to have X-Frame-Options HTTP response header changed in the embedded website (more information: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options).