JS script error while embedded Datafor dashboard when application and dashboard are placed on different domains

[andreysubbotin]

Test case:

• The main application is placed on localhost:18080
• Pentaho/datafor plugin is places on localhost:8080
• Integrate Datafor using iframe with URL:
  • Dashboard doesn't open.
  • Error in JS

    product.min.js?_t=1591693894967:10128 Uncaught DOMException: Blocked a frame with origin "http://localhost:8080" from accessing a cross-origin frame.
    at i.getModel (http://localhost:8080/pentaho/content/datafor/ui/product.min.js?_t=1591693894967:10128:2873758)
    at i.styleExtend (http://localhost:8080/pentaho/content/datafor/ui/product.min.js?_t=1591693894967:10128:2517566)
    at init (http://localhost:8080/pentaho/content/datafor/ui/product.min.js?_t=1591693894967:10128:2470864)
    at initialize (http://localhost:8080/pentaho/content/datafor/ui/product.min.js?_t=1591693894967:10128:267520)
    at i.t.View (http://localhost:8080/pentaho/content/datafor/ui/product.min.js?_t=1591693894967:10128:196068)

[GeCherry]

Hello Andrey, It is because of modern browser'routine operation to prevent CSRF attack . You could use nginx to solve the cross-origin problem.Such as below: listen 80; server_name localhost; location /yourapp/ { proxy_pass https://127.0.0.1:18080/yourapp/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; } location /pentaho/ { proxy_pass http://127.0.0.1:8080/pentaho/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; }