Hi,
My question already came by on this topic: RE: UIX v2 dashboard iframe attributes? , but I would like to give a bit more details and raise the question again.
So I've been looking further into the possiblity to use another saas-product within the iframe of the UIX. Because it's now running in sandbox-mode and allow-popup is not a given attribute, the oauth-popup that is issued by the saas within a popup, get's blocked.
Is there any explanation or clear reason why this is? As the other attributes are already allowed (allow-scripts allow-pointer-lock allow-forms allow-same-origin), why not this popup?
Or is this discussion still going (and can this take a while due to summer-holidays)?
Also the page of the identity-provider cannot be set within the iframe (that's another restriction). And though in the previous UIX you could extract the used domain, and do another execution on it to execute things on the local resources, but in the new setup these contents can no longer be reached? I'm referring to '5edfe6f2-01c5-475b-988a-03d676ffbdae.mfdesktop.local/.../....' for example.
Is there anything possible on this or are there any alternatives to deal with this scenario?
Kind regards,
Chris
