Kibana not loading through Iframe on Raspberry PI, but runs in separate tab

Hi,

We are running Kibana through reverse proxy to provide password-less access through our web gui. However we have experienced on some of our Raspberry PIs that Kibana is loading forever, and when it is supposed to show the dashboards to chose from, it is blank. In the developer console it looks like a timeout, but I can't figure our why, as we can load kibana on 192.168.0.120:5602 in another tab in the browser. Running the Web GUI with Kibana Iframe on a regular PC works fine, so I can't seem figure out what is wrong.

Running Kibana in another tab takes around 12 seconds to start up, but in the Iframe Kibana loads for 3-4 minutes and nothing appears.

First error I am getting is about content security policy, however this also happens on our regular PCs.
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.

Next we are getting this error, which i think might be the cause?

Error: ScopedHistory instance has fell out of navigation scope for basePath: /app/home

  • at ScopedHistory.verifyActive (core.entry.js:13)*

Kibana Version:
v 7.15.1

The below screenshot is from when we try to access a particular dashboard through the PI. It loads forever

With Kibana 7.15 you don't need a reverse proxy to expose Kibana to anonymous users, just create a role with the appropriate permissions you want your anonymous users to get and create a user with that role. Finally add that user to the kibana configuration. More details here:

Check also this guide with some advice on how to isolate parts of Kibana using Spaces so you only grant access to defined applications inside Kibana to your visitors.

Then to allow Kibana to be displayed on an iframe you also need to change settings, take a look at the documentation for xpack.security.sameSiteCookies and xpack.security.secureCookies