iframe Usage Issues

When embedding third-party applications using iframe, it typically serves as an isolated environment to run external applications, which may introduce certain problems. Here we list some common issues to help you troubleshoot and resolve them.

1. Height Issue

The iframe cannot automatically adjust its height based on the embedded content, so you need to manually set a fixed height to display the internal system properly.

    <iframe src="https://xxxxx" height="100%" width="100%">  

2. Page Access Failure

This is usually caused by the following reasons:

1. The page uses non-HTTPS protocol, making it inaccessible. Simply switch to HTTPS protocol.

2. The response header contains x-frame-option: SAMEORIGIN, which prevents page access. You need to set this parameter to either DENY or ALLOW-FROM https://www.fxiaoke.com/.

   To modify x-frame-option, first check your own Nginx or Apache server configuration. If your service is confirmed correct, check the third-party system's admin console for related settings (e.g., "Security Headers").

3. The response header contains set-cookie: *** samesite=lax ***. The "lax" setting means cookies are only sent during top-level navigation requests, causing login failures in iframe requests.

   Regarding samesite settings: modern browsers default to "lax". You need to manually set samesite to "None" by configuring your Nginx or Apache server.