Last modified by Aurelie Bertrand on 2025/02/07 10:22
From version 1.1
edited by jhurst
on 2020/07/21 11:35
Change comment: Imported from XAR
To version 4.1
edited by Aurelie Bertrand
on 2025/02/07 10:22
Change comment: Copied from dev:Digdash.customization.url_parametres.WebHome

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -xwiki:XWiki.jhurst
1 +xwiki:XWiki.aureliebertranddigdashbiz
Content
... ... @@ -5,26 +5,19 @@
5 5  
6 6  DigDash can be embedded at multiple “levels” in external websites:
7 7  
8 --Dashboard
8 +* Dashboard
9 +* Dashboard page
10 +* Information {{glossaryReference glossaryId="Glossary" entryId="Flux"}}Flow{{/glossaryReference}}
9 9  
10 --Dashboard page
11 -
12 --Information Flow
13 -
14 14  In this document we will present url that works in the following context:
15 15  
16 -Server name: ddsrv
14 +* Server name: ddsrv
15 +* Port: 8080
16 +* DigDash Domain: ddenterpriseapi
17 +* DigDash Dashboard Domain: digdash_dashboard
17 17  
18 -Port: 8080
19 -
20 -DigDash Domain: ddenterpriseapi
21 -
22 -DigDash Dashboard Domain: digdash_dashboard
23 -
24 -
25 25  = Dashboard =
26 26  
27 -
28 28  At this level you can embed multiple pages in an iframe.
29 29  
30 30  URL : http:~/~/ddsrv:8080/digdash_dashboard/index.html
... ... @@ -87,10 +87,8 @@
87 87  [[http:~~/~~/ddsrv:8080/digdash_dashboard/index.html?page=user1.page1&domain=ddenterpriseapi&login=user1&pass=pass1&hideBanner=true&hideFilters=true&var=1>>url:http://ddsrv:8080/digdash_dashboard/index.html?page=user1.page1&domain=ddenterpriseapi&login=user1&pass=pass1&hideBanner=true&hideFilters=true&var=1]]
88 88  )))
89 89  
83 += Information {{glossaryReference glossaryId="Glossary" entryId="Flux"}}Flow{{/glossaryReference}} =
90 90  
91 -= Information Flow =
92 -
93 -
94 94  At this level you can embed one information flow (graphic component) of your information wallet into an iframe
95 95  
96 96  URL: http:~/~/ddsrv:8080/ddenterpriseapi/viewflow?flowId=<flowid>
... ... @@ -138,7 +138,19 @@
138 138  http:~/~/ddsrv:8080/ddenterpriseapi/viewflow?flowId=2340fd0&user=user1&pass=pass1&Geo=France&HGeo=Geography&LGeo=Country
139 139  )))
140 140  
132 += Security Constraints =
141 141  
134 +Some browsers, for example Chrome from its version 80, may refuse to process cookies that are coming from embedded webpages if the iframe site host is different than the embedding page.
142 142  
136 +The solution is to use an attribute //SameSite=None// on the cookie. This attribute must be set be the application container (Tomcat), or the HTTP front server (eg. Apache httpd). There are various available documents online to configure this cookie attribute. For tomcat's cookies : [[https:~~/~~/tomcat.apache.org/tomcat-9.0-doc/config/cookie-processor.html>>https://tomcat.apache.org/tomcat-9.0-doc/config/cookie-processor.html]]. On the Apache httpd side, the use of mod_headers module may be required.
143 143  
138 +However, the attribute //SameSite //can not be set on an non-secure cookie. So the //Secure //attribute must be set as well to be able to set SameSite=None. And the //Secure //attribute must be set only for HTTPS site.
139 +
140 +So, consequently, embedding a DigDash Enterprise dashboard, or viewflow page, in an iframe,** if the embedding page and the iframe have different hosts**, will require to use an HTTPS connexion, and to configure cookie processing.
141 +
142 +The following Mozilla document this requirements : [[https:~~/~~/developer.mozilla.org/fr/docs/Web/HTTP/Headers/Set-Cookie/SameSite>>url:https://developer.mozilla.org/fr/docs/Web/HTTP/Headers/Set-Cookie/SameSite]]
143 +
144 +
145 +
146 +
144 144