Not able to embed chat in an iframe

[amcorona]

Hello all, I have been using the openire plugin of candy-chat for about a year. When we went to openfire 3.10.2 websockets no longer worked. I then set up candy-chat on a standalone apache server and it works very well but..... I can no longer put a chat in an iframe. We often let people embed on various intranet sites.

I either see this message (only when using an iframe that is not on the origin server). It worked perfectly until upgrading from the openfire plugin to the standalone version 2.0.

10:29:11.424 Error: Permission denied to access property "document"1 candy.min.js:3:3900

And I see this in Chrome's console: Uncaught SecurityError: Blocked a frame with origin "http://origin_server.com" from accessing a frame with origin "http://embedhere.com". Protocols, domains, and ports must match.(anonymous function) @ candy.bundle.js:5740(anonymous function) @ candy.bundle.js:5811

On both the origin and 3rd party test server I have this in apache's config: Header set Access-Control-Allow-Origin "*" It doesn't help though.

Any thoughts?

[badjoerichards]

Yes, I'm also having this problem with embing and security issues. The last version that can be embed in iframes across different domains is 1.7.1

Good luck!

[rblin081]

I'm currently experiencing this issue with 2.2.0, has there been a workaround ?