In order to allow the integration of a website in a room app, the site that is being added as a web app needs to allow the embedding by the Virtual Events platform. This is achievable through the headers provided by the respective website.
Before allowing a webpage to be embeddable on an iframe, browsers check the headers the respective website provides. If it denies the embedding, the browser refuses to connect and an error is shown in Virtual Events.
To solve this issue, the following header must be returned by the origin website:
`Content-Security-Policy: frame-ancestors https://event.swisscom.ch/
More details can be found on the official documentation of this header: CSP: frame-src
Some older websites are including the header X-Frame-Options: DENY on their response which also prevents the embedding of the website on other pages. More details here: X-Frame-Options
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article