Reputation: 153
Iframe stops working after upgrading to Django 3.2 LTS
I was using Django 2.2 up till now and I recently tried upgrading to Django 3.2
We use a website live chat plugin called tawk.to which works by embedding an iframe to our page with the chat option in there.
However, after upgrading to Django 3.2, even though the plugin's JS code is loading, the iframe is missing from the website altogether.
I am not sure what is causing the issue. Is the iframe blocked in Django 3.2 or do I have to enable any setting for it?
Upvotes: 2
Views: 444
Answers (2)
Reputation: 153
I found the answer after going deep into the Django files. Add this to your settings.py file.
SECURE_REFERRER_POLICY = "strict-origin-when-cross-origin". # when using other websites that track visitors or use their iframe on your website.
X_FRAME_OPTIONS = 'SAMEORIGIN' # Necessary to show Iframe from your own server (such as PDFs on your website)
Upvotes: 0
Reputation: 31
There are security updates are added in Django 3.2 which do not allow other frames. Refer https://docs.djangoproject.com/en/3.2/ref/clickjacking/#preventing-clickjacking.
You should change X_FRAME_OPTIONS = 'SAMEORIGIN' as explained in https://docs.djangoproject.com/en/3.2/ref/clickjacking/#how-to-use-it
Upvotes: 2
Related Questions
- Same-site iframes not able to connect in Django
- Refused to display iframe or embed tag in django 3.0 and chrome
- Using an embedded Iframe in Django?
- django Sessions are not maintaing in an iframe
- Not able to maintain login in iframe for django
- Django display a pdf in an iframe
- How to load iframe in Python Django?
- Django iframe load denied by xframe options even after view is set to @xframe_options_exempt
- How to use iframes in django-cms
- Django page not rendering in Facebook iframe