Lithium forum board in an iframe
Hi We are working on a new project where we would like to display the latests comments from a lithium forum thread within a single page application (SPA) and also would like to add new post to t...
Forum Discussion
Not sure of the best solution maybe an active caste widget but displaying your community via iftame is a security vulnerability as it leaves you open to click jacking.
the recommended approach is to integrate with our REST APIs to pull the data you need, and then display that data in your SPA. As you said you already integrated with Lithium SSO, it should be also easier to manage the access / permissions to the API - and then retrieve the data you need.
Clickjacking can be mitigated by using the appropriate X-Frame-Options headers - however I don't think the Community UI was built with this use case in mind - as the recommendation is to use the APIs instead in these cases.
Embedding the community in an iframe is likely unsupported ( I recommend to check this with Support if you need a definitive answer - as I am not part of the Product Management function at Lithium and I can't confirm this), but in either case I would not recommend it.
Hope this helps,
I was searching for this and wanted to do the same thing , basically to iframe the entire community page. It looks like it is not possible at all
I've checked with support and they directed me to ask in the community. Is there anyway or any sort of configuration can be done to enable iframe to only certain domains
