Iframe macro - Not able to display any web page

lohlohloh October 3, 2013

Hello together,

I am using the newest confluence on demand version (5.3) and I have some problems with the iframe macro.

I am trying to display another website (not another confluence page) within a confluence page.
Lets talk about a sepcific example.

1. I set the url of the Iframe to www.google.com, the width to 500px and the height to 500px
The result is an Iframe box, displaying confluence and the error messega can't find page

2. I set the url of the Iframe to http://www.google.com, the width to 500px and the height to 500px
The result is an empty Iframe box

Do you know what I am doing wrong?
How can I display the conten or implement different weg pages?

Best regards

Thomas

14 answers

5 votes
Edward Russell October 7, 2013

Try this url in your iFrame: https://www.apple.com

Make sure it is httpS It works but http does not. But that's not the whole story because we have http iFrames that used to work and now don't.

Atlassian was working with me and here is their suggestion.

Since iFrame is part of the Adaptavist Content Formatting Macros, my suggestion is to contact them regarding this problem. If there were error messages in the logs, we could try investigating them, but since there are no error messages that can help us understand what's going on, we believe this is on Adaptavist side. There might have been changes on the add-on that are causing the issue you are having.

I will follow up with Adaptavist and if I get any information I will update this thread.

4 votes
lohlohloh October 8, 2013

I am in contact with the atlassian support and the staff member gave me a really helpful hint.

She said that some websites are using a http header called x-frame-options (link). If this header is set to:

DENY: The page cannot be displayed in a frame, regardless of the site attempting to do so.

SAMEORIGIN: The page can only be displayed in a frame on the same origin as the page itself.

ALLOW-FROM uri: The page can only be displayed in a frame on the specified origin.

Additionally she said the link must be a secure URL (https). Which is in my opinion useless because this narrows the selection of working URL's a lot.

Anyways, I could't manage to find any working link. Even with https and without the x-frame-header.

Chu LIU September 20, 2016

Hi Thomas,

We met the same issue.
It seems HTTPS website works well, but HTTP website doesn't.
Could you provide me the URL of atlassian ticket or I can reference?

Thanks a lot,
Chu

1 vote
Sami Moran September 3, 2014

Two more data points about the iframe problem:

1. The problem is definitely not the iframe macro. I used the HTML macro containing the html code to embed a page with an iframe, and this doesn't work either.

(HTML macro)
<iframe src="URL"></iframe>
(end of HTML macro)

2. A possible alternative is to use the HTML Include macro as a way to include external content on a wiki page. It works very similarly to the iframe macro, you just have to specify the URL. It doesn't always display the page exactly as you see it in the wild, but the content is there. Caveat: The Confluence HTML macros are frequently disabled by system admins because of potential security issues.

1 vote
Gretar Hauksson April 8, 2014

This is actually the case for us as well.

We're using our Confluence instance on HTTPS and our browsers stop all things embedded in HTTP. As far as I can see, this is no fault of Atlassian or Adaptavist, it's a security issue recently introduced into all the major browsers.

1 vote
Greg Pell October 10, 2013

Yeah, I can confirm that I can only get HTTPS sites to work with this Macro in our OnDemand instance of Confluence. Hopefully they fix the plugin soon!

1 vote
lohlohloh October 7, 2013

Hi Edward,

no I did not figure this out. I am still waiting for a response. I tried nearly everything in confluence and I don't have an idea why it doesn't work.

1 vote
Edward Russell October 6, 2013

Did you figure this out? Previously i was displaying iFrames fine but now they have stopped displaying and I am getting the exact same behavior you describe above. I am using Confluence OnDemand

Lee Dorobiala October 7, 2013

I was wondering also...

0 votes
Oliver Chapple April 23, 2021

Guys, it's not a bug, I don't work for Atlassian, it's a CORS issue which means there is a header on their content that requires the data to orginate at source. Browsers now block cross-origin content between two different servers. This prevents webpages being embedded using iFrames which is a security-related matter. It's reasonable enough for companies with open API's to stop any Tom Dick and Harry running bots like scrapers etc, ultimately they could breach content IP and nick your content. I realise its annoying as I can't embed the content either. What we'd like is the Confluence Cloud REST API to give us iframeable content output of a page or blogpost, and we'd be happy to use a security API Token to prevent unwanted access to our content. It's not unreasonable for customers wanting to embed blog posts at the very least! So what people are reasonably now complaining about and asking for is  - that there is no codeless or even code minimal alternative here, so they've been left in the lurch, even though this is Browser extra security that's started all this off.

0 votes
haripriya gajendran February 5, 2014

i cant seem to load the webpage in the iframe macro inside a card. It seems to work outside the card. my webpage url is https. Any help is greatly appreciated

0 votes
Clarisse Messey February 3, 2014

Hi,

I am encountering the same issue - tried to display another website and the result is an empty box. I am also working with Confluence 5.3.

@ Atlassian: are you working on fixing that bug? When it is planned to be fixed?

Thank you.

0 votes
David Thomas January 27, 2014

This is absurd. Confluence, do you want to actually develop this properly? It's a common feature and you've broken a lot of our ondemand intranet.

0 votes
Kaz Patwa January 19, 2014

is there any update to this? it still seems to be the case and has broken many of our pages that contain external content.

0 votes
CharlesH
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
October 9, 2013

We faced this problem recently with our on-premise instance of Confluence. It seems that some recent security handling changes in most browsers have impacted on the ability to embed external content in iframes. This explanation was helpful: https://blog.mozilla.org/tanvi/2013/04/10/mixed-content-blocking-enabled-in-firefox-23/

If you can change the external content to be delivered over HTTPS then that's a solution. Otherwise you can advise users how to override the default blocking behaviour (look for the shield in the address bar in Firefox, as explained in the link above).

0 votes
lohlohloh October 9, 2013

I wrote an email to adaptavist and they said:

"The Content Formatting Macros is not compatible yet with that Specific

version of Confluence, so it could be not working as expected.
It is our high priority Plugin's and we are working on it."

"We are currently working on upgrading the ThemeBuilder to Confluence 5.3 and Content Formatting Macros is also expected to be upgraded soon. A more accurate update about the timescale can be given to you early next week."

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events