Kibana in iFrame Cross-Origin


I am trying to embed a kibana dashboard in my webpage using an iFrame. This works flawlessly in internet explorer, but in Chrome and Firefox, I get :

Uncaught SecurityError: Blocked a frame with origin "" from accessing a cross-origin frame. (

In my elasticsearch.yml; http.cors.enabled is true and http.cors.allow-origin is "*".

Does anyone have any ideas as to why this would work for IE but not in Chrome or Firefox?


(I deleted my previous two replies because I misread the question. Apologies for any confusion.)

What version of Kibana and Elasticsearch are you using? These will help me to try and reproduce your situation. Thanks!

Hi Shaunak,

We are using Elastic 2.4.2 and Kibana 4.5.4

We can't change from these versions because they are specified by our project specification.


I just tried to reproduce this setup but was unable to get the same error that you are seeing. Can you try something really simple as a test?

Can you create a simple HTML file with just the Dashboard's iframe code in it? So something like this:

<iframe src="" height="600" width="800"></iframe>

And then navigate to that HTML page in Chrome. Do you still get the error or do you see the embedded dashboard?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.