Skip to main content

Embedding external sites with URL type

Please note

We use iframes to display external websites in our content. If a website denies the usage of iFrames/embedding, we will be unable to display it.

If the website is yours, you can change this setup. If it is not yours, we suggest speaking with the website owner to allow embedding.

In the Text Menu you can choose your Content type.

  • URL type can set the URL that you want to display.
    • You can also make it Interactive and display it Same origin website.

cu1.png

Caveats and limitations

Why does my webpage not show up at all?

X-Frame-Options

As stated we use iframes to display external websites in our content. If a website denies the usage of iFrames/embedding, we will be unable to display it. If the website is yours, you can change this setup. If it is not yours, we suggest speaking with the website owner to allow embedding.

You can check if this is the issue, if you open up the Content's Preview and take a look at browser console to find error messages.

Please note

If you see the following error that means we will not be able to display it as an embedded site at all.

Refused to display 'url' in a frame because it set 'X-Frame-Options' to 'DENY'

There are 3 types of errors you can get

  • X-Frame-Options:DENY - The website you wish to show does not allow to be used as an embedded
  • X-Frame-Options:SAMEORIGIN - This means the website you wish to show can only be embedded in a frame on a page with the same origin as itself.
  • X-Frame-Options:ALLOW-FROM - The site you wish can only be displayed in a frame on the specified origin. This only works in browsers that support this header.

Mixed content

If the webpage you try to embed uses HTTP you will not able to embed into our system. We use HTTPS protocol which forbids such cases.

You can check if this is the issue, if you open up the Content's Preview and take a look at browser console to find error messages.

Mixed content: The page at "https://x" was loaded over HTTPS, but requested an insecure frame "http://y". This content should also be served over HTTPS.

What does Same origin switch on the widget do?

Same origin policy restricts how documents and scripts on one origin can interact with browser resources on another origin. There are some specific usecases where the embedded site needs to have access to these resources to work properly.

You can check if this is the issue, if you open up the Content's Preview and take a look at browser console to find error messages.

Refused to display 'url' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'
Uncaught SecurityError: Failed to read the 'serviceWorker' property from 'Navigator': Service worker is disabled because the context is sandboxed and lacks the 'allow-same-origin' flag.
tip

You must use both Interactive and Same origin settings if you want to display a Google Form.

Custom Widget won't update its content after a website change

If the website you are displaying on the device does not have any built-in update or refresh functionality the webpage may not refresh itself in our widget. As a result, if the device has previously visited the site and stored cookies or cached content, it may continue to display the older version of the site.

Our widget respects the call to invalidate the browser's stored files. So if the site contains cache handling we will be able to pull the new version.

To ensure the latest content is displayed, it is necessary to manually clear the device's browser cache, or build in a refresh or update inside the site itself.

Please note

Clearing browser cache is not the same as right clicking screen > Content > Clear cache or the secret menu Clear cache mechanism.

These options only wipe out the storage that our app uses, but the mechanism does not include the device browser's cache storage.

Please note

You can also try to force a webpage update by creating a duplicate of the original Content and assign that duplicate to the screens