Search results

How to restrict embedding Bold BI site using an iFrame?

To restrict embedding Bold BI site into another application using an iFrame, we have to set the X-Frame-Options as Deny in the response header.

At present X-Frame-Options Header is not added in the Bold BI Application as iFrame based embedding is one of the types of embedding solutions in our Embedded BI to embed the dashboards into another application.

Follow the below step to add the X-Frame-Options in response headers of Bold BI server.

  1. Open the Web.config file and add an X-Frame-Options header like below with in system.webServer module,
                <add name="Access-Control-Allow-Origin" value="*" />
                <add name="X-Frame-Options" value="Deny" />

Web.config Directories

Since we have various distributed applications in Bold BI, We have to set the X-Frame-Options response header in the below deployed applications.

NOTE: By default, the Bold BI is deployed in “C:\BoldServices” for Windows.

Applications File Locations
Identity Provider {Deployed Location}\idp\web\Web.config
Identity Provider API {Deployed Location}\idp\api\Web.config
BOLD BI Server {Deployed Location}\bi\Web.config
BOLD BI Server API {Deployed Location}\bi\api\Web.config
Designer Service {Deployed Location}\bi\dataservice\Web.config