Hi Dojo trying to show a URL to a webpage with login credentials in a webapp but I get the following error "The document is sandboxed and lacks the 'allow-same-origin' flag" any idea how to solve this?
Thanks in advance
Showing a webpage inside another webpage could potentially be very dangerous, because that webpage could access in-memory data, session data, storage data, the code, etc of the parent website (our app), which could contain access tokens, passwords, and other confidential data, and expose this to a 3rd party API etc. It could also do actions on your behalf, and it can also impact how the parent webpage (our app) works.
That's why we let our web apps tell the browser to treat the webpage as a completely separate website (under its own origin) by running it inside a "sandbox". This should work, but in your case the webpage tries to access the localStorage which is the one of our app, so the browser blocks this (as expected). Unfortunately the webpage crashes here because it didn't expect this.
If you're not able to modify the webpage to properly handle this, then I'm afraid there is no good way to get this working.
Hi Martijn,
which webpage are you trying to show?
Also I have a feeling that this is using Iframes in the backend. You could have a look at following post (https://stackoverflow.com/questions/30183320/iframe-sandboxing-with-allow-same-origin-flag-error) to see if this helps you further.
Wkr