ssddanbrown
commented
1 year ago because an ancestor violates the following Content Security Policy directive
You'll likely need to adjust the "Host Iframe Control" setting to allow your BookStack instance to be embedded by the ERP system: https://www.bookstackapp.com/docs/admin/security/#host-iframe-control
We also need to understand the login authentication in Bookstack from the erp screen.
Depends on what authentication you're using in BookStack. BookStack has it's own user session either way so there needs to be some exchange to log the user in. Not sure how you'd do this seamlessly between systems without extension/modification of the system. Having a shared auth provider for both systems (thinking OIDC/SAML2) could allow quicker and more aligned auth but may still not be seamless depending on settings.
namannj46
Our company has installed Bookstack in its server. Now we are trying to integrate this in one of our erp just like Appsmith. But when we tried to embed the book stack url on erp it is not opening and showing following error Refused to frame 'https://xxxxxxxx.yyy/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'". We found out that this particular domain is not allowing access through erp system, while it is working fine for other cases (Appsmith). We even checked the CSP setting, so that the book stack site can be plugged inside erp. But there are no issues there as well.
We also need to understand the login authentication in Bookstack from the erp screen. As the employees have already logged in once in the erp system so we do not want to ask them to login again to Bookstack.