Kibana Iframe Share Issue with Xframe and SameSite Cookie

Hello all,

This may be a super dumb question. For reference, I am using latest React and Google Chrome. Also, to note, this is working completely fine in Firefox. Just not in Google Chrome.

Essentially, I am trying to display a Kibana's Iframe on my local React website.
The problem is that its giving me Refused to display 'https://federate-prod-es...company.com" in a frame because it set "X-Frame-Options" to "deny"

Another issue that I can see when tracking the cookies is that I see "SameSite" cookie is giving a Lax instead of None.

Does this mean that I should Install Kibana to get the Kibana.yaml to edit these properties? I thought I would be able to just easily embed the shared results of Kibana on my site.

What can I do to resolve this? Am I not understanding something?

The kibana yaml setting you are likely looking for is xpack.security.sameSiteCookies, more details hele.

I've just added it to my Elastic Cloud deployment

image

And I could deploy a minimal TypeScript React application that shows an iframe of a public dashboard I have at https://ela.st/cumbre-vieja-eruption on this location: https://ihbdnn.csb.app/

Mind that of course one thing is allowing your iframe to load and another for Kibana to display stuff for anonymous users, skip the login screen and so on. The whole Anonymous authentication section in the Kibana docs provides comprehensive details on how this works.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.