You need to sign in to do that
Don't have an account?
James Buckelew
iframe in VF page getting "x-frame-options set to deny" for other users except me
I have a flow that is invoked by a button on the opportunity. It's an on screen flow that will display a dropdown with two options. One of those options, if chosen, will display an iframe (calendly) in an aura component that calls a visualforce page.
I have no issues access this and viewing the widget in an iframe, however other users cannot see it. It displays the sad face png.I've been searching on this for a few hours and have tried a few different things, and no luck. I will add code here.
.cmp
VF Page
I have unchecked both clickjack options. I have added as many pages as I can think to the trusted page source list. I can access this no problem, but other users cannot. If I login as other users, I can access the iframe. They have access to the VF page.
I have no issues access this and viewing the widget in an iframe, however other users cannot see it. It displays the sad face png.I've been searching on this for a few hours and have tried a few different things, and no luck. I will add code here.
.cmp
<aura:component implements="forceCommunity:availableForAllPageTypes,lightning:availableForFlowScreens" access="global"> <aura:attribute name="firstName" type="String"/> <aura:attribute name="lastName" type="String"/> <aura:attribute name="decodedEmail" type="String"/> <aura:attribute name="recordId" type="String"/> <aura:attribute name="cDomain" type="String" default="https://nameddomain--c.visualforce.com"/> <iframe src="{!v.cDomain + '/apex/Calendly?recordId=' + v.recordId + '%3DfirstName=' + v.firstName + '%3DlastName=' + v.lastName + '%3Demail=' + v.decodedEmail}" width="100%" height="500px;" frameBorder="0"/> </aura:component>
.design
<design:component> <design:attribute name="firstName" label="First Name"/> <design:attribute name="lastName" label="Last Name"/> <design:attribute name="decodedEmail" label="Email"/> <design:attribute name="recordId" label="Record Id"/> </design:component>
VF Page
<apex:page showHeader="false" standardStylesheets="false" sidebar="false" applyHtmlTag="false" applyBodyTag="false" docType="html-5.0"> <!-- Calendly inline widget begin --> <div class="calendly-inline-widget" style="min-width:320px;height:550px;"></div> <script type="text/javascript" src="https://assets.calendly.com/assets/external/widget.js"></script> <!-- Calendly inline widget end --> <script> const calendlyHandle = "https://calendly.com/onboarding/?sfid={!$CurrentPage.parameters.recordId}&first_name={!$CurrentPage.parameters.firstName}&last_name={!$CurrentPage.parameters.lastName}&email={!$CurrentPage.parameters.email}"; const calendlyContainer = document.getElementByClassName("calendly-invite-widget"); calendlyContainer.setAttribute("data-url", calendlyHandle ); </script> </apex:page>
I have unchecked both clickjack options. I have added as many pages as I can think to the trusted page source list. I can access this no problem, but other users cannot. If I login as other users, I can access the iframe. They have access to the VF page.
> Please ensure that the visualforce page was accessible to the user's profile
> Add the visualforce page to the Community's page (Setup --> Communities --> MyCommunity --> Workspace --> Administration --> Pages --> force.com site --> Site Visualforce Pages)
> Change the iframe URL to /MyCommunity/apex/PageName
https://salesforce.stackexchange.com/questions/224145/iframed-vf-page-fails-in-lightning-component-in-community-page
Hope this helps...
Thanks,