Support secure iframe-based embedding (isolated widget without script injection)
under review
C
Compact Elk
We would like to have an option to embed Document360 via an iframe instead of injecting the widget script.
Currently, the script-based integration makes it hard to work in environments with stricter CSP or isolation requirements. An iframe-based solution (e.g., a hosted HTML endpoint) would allow better separation and simpler integration on our side.
This should support full widget functionality within the iframe, without relying on access to the parent window.
Related requests: “iframe option - Private projects” and “Support for Document360 Widget in Nested Iframe Scenarios”
Those highlight similar needs, but this request is for a more complete and supported iframe-based integration approach.
Log In
Mohamed Shakheen
marked this post as
under review
Mohamed Shakheen
Hi Compact Elk,
Thank you for sharing this requirement around iframe-based embedding. We understand the challenges with script-based integration, especially in environments with stricter CSP and isolation constraints.
We will evaluate this request in detail, including the associated impact and feasibility, and will get back to you with an update.