Symptom
When you try to show a webpage in a Presentation using the Web Page or HTML Embed option, you see an error message that says the page cannot be embedded in an iFrame.
Why This Happens
Some websites block embedding in other pages for security reasons. This restriction is controlled by the site’s X-Frame-Options or Content-Security-Policy headers. When these are in place, Rise Vision can’t load the webpage inside a presentation frame.
Resolution
-
Verify the website’s policy: The error message includes links for X-Frame-Options and Content-Security-Policy. These indicate that the site owner doesn’t allow their page to be displayed in an embedded frame. Follow these steps to check your website:
- Open https://securityheaders.com in your web browser.
- Enter the full URL of the webpage you are trying to display (for example: https://www.example.com).
- Click Scan.
- Once the results load, scroll to the Content-Security-Policy section.
- Look for a setting called frame-ancestors:
- If it shows 'none', the webpage cannot be embedded.
- If it lists specific websites, the page can only be embedded on those domains.
- If frame-ancestors is not listed, continue to the next step.
- Scroll to the X-Frame-Options section:
- DENY or SAMEORIGIN means the page cannot be embedded on external sites.
- If X-Frame-Options is missing, the page can usually be embedded.
- If either frame-ancestors or X-Frame-Options blocks embedding, the webpage will not display inside Rise Vision.
-
Contact the website owner: Ask if they can update their site settings to allow embedding from
https://widgets.risevision.com. This is required for the Web Page or HTML Embedded Presentation to work. -
Try an alternative approach:
- If the site offers a public widget or shareable embed code, use that instead of the full webpage URL.
Have a suggestion or feature request? Let us know here.